Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:0529: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2020-0466: kernel: use after free in eventpoll.c may lead to escalation of privilege
  • CVE-2021-4155: kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL
Red Hat Security Data
Open in Source
#vulnerability#web#linux#red_hat#nodejs#js#java#kubernetes

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Red Hat Customer Portal

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus
  • Red Hat CodeReady Studio

Integration and Automation

  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager

All Products

Issued:

2022-02-15

Updated:

2022-02-15

RHSA-2022:0529 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: use after free in eventpoll.c may lead to escalation of privilege (CVE-2020-0466)
  • kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL (CVE-2021-4155)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 7.3 x86_64

Fixes

  • BZ - 1920480 - CVE-2020-0466 kernel: use after free in eventpoll.c may lead to escalation of privilege
  • BZ - 2034813 - CVE-2021-4155 kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL

Red Hat Enterprise Linux Server - AUS 7.3

SRPM

kernel-3.10.0-514.97.1.el7.src.rpm

SHA-256: 8733ce7e0af15edd8b635dd11ab55499f98cd1eb0e120181d8420df3938580b5

x86_64

kernel-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: 1915ed1eb993d1da311930e37002ced9ae19ce41b2177e29e4e73c003d4e4f97

kernel-abi-whitelists-3.10.0-514.97.1.el7.noarch.rpm

SHA-256: b3721e02423f985920153756f4fc9b6d5554a3cc5b34b165aea1e4b83776730c

kernel-debug-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: 7308bae69f59dd2a272f3ec89deac551636a799b1961469b45d3f6c9aa03bfb7

kernel-debug-debuginfo-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: 321315b95fe0a2734ce3a79c912503ac754ed655c0e3de94c8a8e6ed12329fda

kernel-debug-debuginfo-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: 321315b95fe0a2734ce3a79c912503ac754ed655c0e3de94c8a8e6ed12329fda

kernel-debug-devel-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: 9658f5434a08caba1748da758e99b101c41c1efc748b8c12bb0eb9f619f5bd2e

kernel-debuginfo-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: 9f71fd2669ee6bd0663c62f5fea07536c656dd8e3ea2ec4b69553f1a702e03a0

kernel-debuginfo-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: 9f71fd2669ee6bd0663c62f5fea07536c656dd8e3ea2ec4b69553f1a702e03a0

kernel-debuginfo-common-x86_64-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: 0e1f71a17da33940f2c8c22165c51f185471a507ff656d1828cb3595a6671344

kernel-debuginfo-common-x86_64-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: 0e1f71a17da33940f2c8c22165c51f185471a507ff656d1828cb3595a6671344

kernel-devel-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: 5a744a44eb7be45ded2b5c6c7c64c4af9f0c4140ca6bbd5a2b94899232360904

kernel-doc-3.10.0-514.97.1.el7.noarch.rpm

SHA-256: 91677ddd816809ac2f1ca751f208bfbb3cbdf4cf71aa572791d29686b1685cfd

kernel-headers-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: 27d814d0e882ac6b7a1cc758da1c41aed551f4911c01893b956ccef6e5938512

kernel-tools-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: a562fb66d262a569d634e6349c8ad6a844db91e7be82b5c47b6d49a37d96f4b2

kernel-tools-debuginfo-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: d743843c3f2a4aa32868627d6db389ecd155c5ea21de8cc821e4a25e5e396f10

kernel-tools-debuginfo-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: d743843c3f2a4aa32868627d6db389ecd155c5ea21de8cc821e4a25e5e396f10

kernel-tools-libs-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: bbaebcdc0ee96f02a6d0115bd2bdc5e760710e6fa906f10c224b94194c26932d

kernel-tools-libs-devel-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: feeb066c99106e8fa55db23742cac39c3dc6bc08553901873f2c99399af3e1a2

perf-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: eedd3cc4d1ca1de2b0f9e5af9f0bbe73cb4ff3c0dd270895edf5484ea9290e73

perf-debuginfo-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: 5eecd184029ea4b8bc84357d3ab793a8db33c3cda7244015e4425950dd2750de

perf-debuginfo-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: 5eecd184029ea4b8bc84357d3ab793a8db33c3cda7244015e4425950dd2750de

python-perf-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: a385d30509606e670050e9d06bd9bab7a2b1c352ee076eb3b1458f6529e62bcd

python-perf-debuginfo-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: f2a0022d706a74f03042e40d7c93324075538152621adf1ae7d51ce3a04670dd

python-perf-debuginfo-3.10.0-514.97.1.el7.x86_64.rpm

SHA-256: f2a0022d706a74f03042e40d7c93324075538152621adf1ae7d51ce3a04670dd

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat Security Data