ALSA-2022:7134 Important: kernel-rt security and bug fix update

AlmaLinux 2318 Published 2022-10-27 05:13 by Philipp Esselbach

News

A kernel-rt security and bug fix update has been released for AlmaLinux 8.

ALSA-2022:7134 Important: kernel-rt security and bug fix update

Type:
security

Severity:
important

Release date:
2022-10-26

Description
Security Fix(es):
* kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)
* kernel: information leak in scsi_ioctl() (CVE-2022-0494)
* Kernel: A kernel-info-leak issue in pfkey_register (CVE-2022-1353)
* hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-23816, CVE-2022-29900)
* hw: cpu: AMD: Branch Type Confusion (non-retbleed) (CVE-2022-23825)
* hw: cpu: Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-29901)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* rhel8-rt BUG: using __this_cpu_add() in preemptible 00000000 - caller is __mod_memcg_lruvec_state+0x69/0x1c0 (BZ#2122600)
* The latest AlmaLinux 8.6.z4 kernel changes need to be merged into the RT source tree to keep source parity between the two kernels. (BZ#2125396)

References:
RHSA-2022:7134
CVE-2022-0494
CVE-2022-1353
CVE-2022-23816
CVE-2022-23825
CVE-2022-2588
CVE-2022-29900
CVE-2022-29901
ALSA-2022:7134

Updates packages:
kernel-rt-modules-4.18.0-372.32.1.rt7.189.el8_6.x86_64.rpm
kernel-rt-4.18.0-372.32.1.rt7.189.el8_6.x86_64.rpm
kernel-rt-debug-kvm-4.18.0-372.32.1.rt7.189.el8_6.x86_64.rpm
kernel-rt-modules-extra-4.18.0-372.32.1.rt7.189.el8_6.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-372.32.1.rt7.189.el8_6.x86_64.rpm
kernel-rt-debug-modules-4.18.0-372.32.1.rt7.189.el8_6.x86_64.rpm
kernel-rt-debug-devel-4.18.0-372.32.1.rt7.189.el8_6.x86_64.rpm
kernel-rt-kvm-4.18.0-372.32.1.rt7.189.el8_6.x86_64.rpm
kernel-rt-debug-4.18.0-372.32.1.rt7.189.el8_6.x86_64.rpm
kernel-rt-devel-4.18.0-372.32.1.rt7.189.el8_6.x86_64.rpm
kernel-rt-debug-core-4.18.0-372.32.1.rt7.189.el8_6.x86_64.rpm
kernel-rt-core-4.18.0-372.32.1.rt7.189.el8_6.x86_64.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

ALSA-2022:7134 Important: kernel-rt security and bug fix update

ELSA-2022-7087 Moderate: Oracle Linux 7 389-ds-base security and bug fix update (aarch64)

Curl (SSA:2022-299-01)

ALSA-2022:7134 Important: kernel-rt security and bug fix update

ALSA-2022:7134 Important: kernel-rt security and bug fix update

Windows

Linux

macOS

Community