Red Hat Security Advisory 2022-6243-01

Red Hat Security Advisory 2022-6243-01: Posted Aug 31, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-6243-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2022-0494, CVE-2022-1353; SHA-256 | cb70b3258fb9d069f824d3ce0e82b6f98ac24afbee38e5acad4f326d990c751f; Download | Favorite | View

Red Hat Security Advisory 2022-6243-01

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   
Red Hat Security Advisory

Synopsis:          Moderate: kernel security and bug fix update
Advisory ID:       RHSA-2022:6243-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6243
Issue date:        2022-08-30
CVE Names:         CVE-2022-0494 CVE-2022-1353
====================================================================
1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 8.4
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder EUS (v. 8.4) - aarch64, ppc64le, x86_64
Red Hat Enterprise Linux BaseOS EUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* information leak in  scsi_ioctl() (CVE-2022-0494)

* A kernel-info-leak issue in pfkey_register (CVE-2022-1353)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* unable to handle kernel paging request at 0000138040000237 (BZ#2100406)

* bnxt_en: Update driver to the latest upstream version (BZ#2100422)

* too long timeout value with TIME_WAIT status of conntrack entry
(BZ#2104004)

* tcp: request_sock leak in Calico OCP (BZ#2104671)

* net: openvswitch: fix parsing of nw_proto for IPv6 fragments (BZ#2106704)

* ipv6: 'disable_policy' is ignored for addresses configured on a down
interface (BZ#2109972)

* Percpu counter usage is gradually getting increasing during podman
container recreation. (BZ#2110040)

* trouble re-assigning MACs to VFs, ice stricter than other drivers
(BZ#2111937)

* ceph: add support for rxbounce option (BZ#2112967)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2039448 - CVE-2022-0494 kernel: information leak in  scsi_ioctl()
2066819 - CVE-2022-1353 Kernel: A kernel-info-leak issue in pfkey_register

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v.8.4):

Source:
kernel-4.18.0-305.62.1.el8_4.src.rpm

aarch64:
bpftool-4.18.0-305.62.1.el8_4.aarch64.rpm
bpftool-debuginfo-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-core-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-cross-headers-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-debug-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-debug-core-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-debug-debuginfo-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-debug-devel-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-debug-modules-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-debug-modules-extra-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-debuginfo-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-devel-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-headers-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-modules-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-modules-extra-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-tools-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-tools-debuginfo-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-tools-libs-4.18.0-305.62.1.el8_4.aarch64.rpm
perf-4.18.0-305.62.1.el8_4.aarch64.rpm
perf-debuginfo-4.18.0-305.62.1.el8_4.aarch64.rpm
python3-perf-4.18.0-305.62.1.el8_4.aarch64.rpm
python3-perf-debuginfo-4.18.0-305.62.1.el8_4.aarch64.rpm

noarch:
kernel-abi-stablelists-4.18.0-305.62.1.el8_4.noarch.rpm
kernel-doc-4.18.0-305.62.1.el8_4.noarch.rpm

ppc64le:
bpftool-4.18.0-305.62.1.el8_4.ppc64le.rpm
bpftool-debuginfo-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-core-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-cross-headers-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-debug-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-debug-core-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-debug-devel-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-debug-modules-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-debuginfo-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-devel-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-headers-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-modules-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-modules-extra-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-tools-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-tools-libs-4.18.0-305.62.1.el8_4.ppc64le.rpm
perf-4.18.0-305.62.1.el8_4.ppc64le.rpm
perf-debuginfo-4.18.0-305.62.1.el8_4.ppc64le.rpm
python3-perf-4.18.0-305.62.1.el8_4.ppc64le.rpm
python3-perf-debuginfo-4.18.0-305.62.1.el8_4.ppc64le.rpm

s390x:
bpftool-4.18.0-305.62.1.el8_4.s390x.rpm
bpftool-debuginfo-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-core-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-cross-headers-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-debug-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-debug-core-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-debug-debuginfo-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-debug-devel-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-debug-modules-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-debug-modules-extra-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-debuginfo-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-devel-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-headers-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-modules-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-modules-extra-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-tools-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-tools-debuginfo-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-zfcpdump-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-zfcpdump-core-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-zfcpdump-devel-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-zfcpdump-modules-4.18.0-305.62.1.el8_4.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-305.62.1.el8_4.s390x.rpm
perf-4.18.0-305.62.1.el8_4.s390x.rpm
perf-debuginfo-4.18.0-305.62.1.el8_4.s390x.rpm
python3-perf-4.18.0-305.62.1.el8_4.s390x.rpm
python3-perf-debuginfo-4.18.0-305.62.1.el8_4.s390x.rpm

x86_64:
bpftool-4.18.0-305.62.1.el8_4.x86_64.rpm
bpftool-debuginfo-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-core-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-cross-headers-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-debug-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-debug-core-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-debug-debuginfo-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-debug-devel-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-debug-modules-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-debug-modules-extra-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-debuginfo-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-devel-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-headers-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-modules-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-modules-extra-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-tools-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-tools-debuginfo-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-tools-libs-4.18.0-305.62.1.el8_4.x86_64.rpm
perf-4.18.0-305.62.1.el8_4.x86_64.rpm
perf-debuginfo-4.18.0-305.62.1.el8_4.x86_64.rpm
python3-perf-4.18.0-305.62.1.el8_4.x86_64.rpm
python3-perf-debuginfo-4.18.0-305.62.1.el8_4.x86_64.rpm

Red Hat CodeReady Linux Builder EUS (v. 8.4):

aarch64:
bpftool-debuginfo-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-debug-debuginfo-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-debuginfo-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-tools-debuginfo-4.18.0-305.62.1.el8_4.aarch64.rpm
kernel-tools-libs-devel-4.18.0-305.62.1.el8_4.aarch64.rpm
perf-debuginfo-4.18.0-305.62.1.el8_4.aarch64.rpm
python3-perf-debuginfo-4.18.0-305.62.1.el8_4.aarch64.rpm

ppc64le:
bpftool-debuginfo-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-debuginfo-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-305.62.1.el8_4.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-305.62.1.el8_4.ppc64le.rpm
perf-debuginfo-4.18.0-305.62.1.el8_4.ppc64le.rpm
python3-perf-debuginfo-4.18.0-305.62.1.el8_4.ppc64le.rpm

x86_64:
bpftool-debuginfo-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-debug-debuginfo-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-debuginfo-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-tools-debuginfo-4.18.0-305.62.1.el8_4.x86_64.rpm
kernel-tools-libs-devel-4.18.0-305.62.1.el8_4.x86_64.rpm
perf-debuginfo-4.18.0-305.62.1.el8_4.x86_64.rpm
python3-perf-debuginfo-4.18.0-305.62.1.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-0494
https://access.redhat.com/security/cve/CVE-2022-1353
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYw7i99zjgjWX9erEAQjm8hAAim7JYeLF1i00jYkLxSkRBkG/WnDKJYSH
QXv/U9a7yhePSLFuA2M5QkZxmeTuwGicumkzIBxw0jyU2vnJLIIYhWiavF4mHio5
UxUGOYHNZhSY/5uoagnw8zLm5CK1uvWDCtg4MHOQDlqFxHXlFMCiHnq8eIq5BO4p
WkPalraIf2aX6XwHta1CMnpKqrJ4V8HFvAiqfQo9Wz9/16L5o7f1aqZn8xuQubeW
MEWIB9aw31eO7IRsyQ3iMQ9KBvuDhacpOxzMVYIUyHBg7iDvgLjFKT9fN+eI8tc0
d9sM1y+KOcWy+ygRbiemBeujQjWBl+PLaYHTpZtc365l5kkIgVntpU0LKacmwTMx
LDTSAWA/xlnsNQ9quzo7iNZqy3ksaGjV0Z9c/QIz83FCsgu4QRumcigNTWrMz1QX
H69z+HHvAg/IDuP02SPbOhz8UM9I/TWET6ZpR0vBYq4aKdM6Qe7wsDfxAuOkavx0
UDepu2DxqohDg0jWiPjeA6Xx0tcD7mS50IzlZxT8tu/oVTYvBzYP7yCEaaZ6ilDI
/0YLCwTnhZlo3ZY90VBdRWWXjzyQf1+Q/X4tygJXbACndNfN9x2Q+N3um3aPugmg
K86DX8JvRY15OeS6SIHyaJAxJYMrDX1/Iqm2962qUkZagnjO3T5M4D95R6KAcQs+
cCwhm4aQHyA=PzwV
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Top Authors In Last 30 Days

Red Hat 239 files
Ubuntu 62 files
Debian 23 files
LiquidWorm 20 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,862)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,265)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,976)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

Red Hat Security Advisory 2022-6243-01

Red Hat Security Advisory 2022-6243-01

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Red Hat Security Advisory 2022-6243-01

Share This

Red Hat Security Advisory 2022-6243-01

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems