Red Hat Product Errata RHSA-2024:3427 - Security Advisory
Issued:
2024-05-28
Updated:
2024-05-28

RHSA-2024:3427 - Security Advisory

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

  • kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function (CVE-2024-1086)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64

Fixes

  • BZ - 2262126 - CVE-2024-1086 kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0

SRPM
kpatch-patch-5_14_0-70_80_1-1-4.el9_0.src.rpm SHA-256: efe556654011dadf0d06ca7e40172700b5ff5697a0d23ff1ed655ef32758b008
kpatch-patch-5_14_0-70_85_1-1-3.el9_0.src.rpm SHA-256: f5eb65217613eaa7d17ebc0ae5e433be5a0b18d42b4b337f26b2a4b3548fcfb0
x86_64
kpatch-patch-5_14_0-70_80_1-1-4.el9_0.x86_64.rpm SHA-256: b73d5f7d913dfbd7d868498b96e1fc1e59225e9bb97d319d82a6051886d9c19c
kpatch-patch-5_14_0-70_80_1-debuginfo-1-4.el9_0.x86_64.rpm SHA-256: 1bb9ac6f09afba65f1a1547281c49d55cec3914193da1a68e1f3c22c80607488
kpatch-patch-5_14_0-70_80_1-debugsource-1-4.el9_0.x86_64.rpm SHA-256: 0249b6580a60a09091721d94c00a009a48ef1ab94b49383774f652bd3844bbc1
kpatch-patch-5_14_0-70_85_1-1-3.el9_0.x86_64.rpm SHA-256: 3d3ab5573e2b3d295d90d7c08844e5ecb5caa3653acb4c02d4290b4ae9ec20d3
kpatch-patch-5_14_0-70_85_1-debuginfo-1-3.el9_0.x86_64.rpm SHA-256: bc73093eb70ab1244e932658fcce11ce1472d627d33849e1d7dcebfdcb495ab1
kpatch-patch-5_14_0-70_85_1-debugsource-1-3.el9_0.x86_64.rpm SHA-256: 4aeb7563bc57c0fbc07654f483a65d6ba0da8d020325e65edd941a8fee6719ec

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0

SRPM
kpatch-patch-5_14_0-70_80_1-1-4.el9_0.src.rpm SHA-256: efe556654011dadf0d06ca7e40172700b5ff5697a0d23ff1ed655ef32758b008
kpatch-patch-5_14_0-70_85_1-1-3.el9_0.src.rpm SHA-256: f5eb65217613eaa7d17ebc0ae5e433be5a0b18d42b4b337f26b2a4b3548fcfb0
ppc64le
kpatch-patch-5_14_0-70_80_1-1-4.el9_0.ppc64le.rpm SHA-256: 1b9e62a67f30cac0b9511356ada17b921233d3983c52c04e5ccb7f2faffe85bc
kpatch-patch-5_14_0-70_80_1-debuginfo-1-4.el9_0.ppc64le.rpm SHA-256: 377ca7a6a312589eaaab4ac4ab12cb71d67ecf99fbe72864707173a2f9aa6f29
kpatch-patch-5_14_0-70_80_1-debugsource-1-4.el9_0.ppc64le.rpm SHA-256: 3272582988ad459731efa8acb31ba816f645d3bdd8a839ec2df66d015b520aa6
kpatch-patch-5_14_0-70_85_1-1-3.el9_0.ppc64le.rpm SHA-256: dc9d501981b248e6822cbf8eca8b6b9a53f7bb8614df4b227b235087ba7995ae
kpatch-patch-5_14_0-70_85_1-debuginfo-1-3.el9_0.ppc64le.rpm SHA-256: d0bf0d47ca72a6c596e52cfd45b3ccdfeb1a4252d1a9ef9fb5565e418ea53a64
kpatch-patch-5_14_0-70_85_1-debugsource-1-3.el9_0.ppc64le.rpm SHA-256: d698d18d38fd9775375834ec79d4d9c145fe2a5e43312802d06ae2bf4dc4aa31

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0

SRPM
kpatch-patch-5_14_0-70_80_1-1-4.el9_0.src.rpm SHA-256: efe556654011dadf0d06ca7e40172700b5ff5697a0d23ff1ed655ef32758b008
kpatch-patch-5_14_0-70_85_1-1-3.el9_0.src.rpm SHA-256: f5eb65217613eaa7d17ebc0ae5e433be5a0b18d42b4b337f26b2a4b3548fcfb0
ppc64le
kpatch-patch-5_14_0-70_80_1-1-4.el9_0.ppc64le.rpm SHA-256: 1b9e62a67f30cac0b9511356ada17b921233d3983c52c04e5ccb7f2faffe85bc
kpatch-patch-5_14_0-70_80_1-debuginfo-1-4.el9_0.ppc64le.rpm SHA-256: 377ca7a6a312589eaaab4ac4ab12cb71d67ecf99fbe72864707173a2f9aa6f29
kpatch-patch-5_14_0-70_80_1-debugsource-1-4.el9_0.ppc64le.rpm SHA-256: 3272582988ad459731efa8acb31ba816f645d3bdd8a839ec2df66d015b520aa6
kpatch-patch-5_14_0-70_85_1-1-3.el9_0.ppc64le.rpm SHA-256: dc9d501981b248e6822cbf8eca8b6b9a53f7bb8614df4b227b235087ba7995ae
kpatch-patch-5_14_0-70_85_1-debuginfo-1-3.el9_0.ppc64le.rpm SHA-256: d0bf0d47ca72a6c596e52cfd45b3ccdfeb1a4252d1a9ef9fb5565e418ea53a64
kpatch-patch-5_14_0-70_85_1-debugsource-1-3.el9_0.ppc64le.rpm SHA-256: d698d18d38fd9775375834ec79d4d9c145fe2a5e43312802d06ae2bf4dc4aa31

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM
kpatch-patch-5_14_0-70_80_1-1-4.el9_0.src.rpm SHA-256: efe556654011dadf0d06ca7e40172700b5ff5697a0d23ff1ed655ef32758b008
kpatch-patch-5_14_0-70_85_1-1-3.el9_0.src.rpm SHA-256: f5eb65217613eaa7d17ebc0ae5e433be5a0b18d42b4b337f26b2a4b3548fcfb0
x86_64
kpatch-patch-5_14_0-70_80_1-1-4.el9_0.x86_64.rpm SHA-256: b73d5f7d913dfbd7d868498b96e1fc1e59225e9bb97d319d82a6051886d9c19c
kpatch-patch-5_14_0-70_80_1-debuginfo-1-4.el9_0.x86_64.rpm SHA-256: 1bb9ac6f09afba65f1a1547281c49d55cec3914193da1a68e1f3c22c80607488
kpatch-patch-5_14_0-70_80_1-debugsource-1-4.el9_0.x86_64.rpm SHA-256: 0249b6580a60a09091721d94c00a009a48ef1ab94b49383774f652bd3844bbc1
kpatch-patch-5_14_0-70_85_1-1-3.el9_0.x86_64.rpm SHA-256: 3d3ab5573e2b3d295d90d7c08844e5ecb5caa3653acb4c02d4290b4ae9ec20d3
kpatch-patch-5_14_0-70_85_1-debuginfo-1-3.el9_0.x86_64.rpm SHA-256: bc73093eb70ab1244e932658fcce11ce1472d627d33849e1d7dcebfdcb495ab1
kpatch-patch-5_14_0-70_85_1-debugsource-1-3.el9_0.x86_64.rpm SHA-256: 4aeb7563bc57c0fbc07654f483a65d6ba0da8d020325e65edd941a8fee6719ec

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.