Headline
RHSA-2022:0176: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-4155: kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL
- CVE-2022-0185: kernel: fs_context: heap overflow in legacy parameter handling
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
- Red Hat CodeReady Studio
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-01-19
Updated:
2022-01-19
RHSA-2022:0176 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL (CVE-2021-4155)
- kernel: fs_context: heap overflow in legacy parameter handling (CVE-2022-0185)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- kernnel-rt-debug: do not call blocking ops when !TASK_RUNNING; state=1 set at [<0000000050e86018>] handle_userfault+0x530/0x1820 (BZ#2029422)
- kernel-rt: update RT source tree to the RHEL-8.5.z source tree (BZ#2032059)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time 8 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
Fixes
- BZ - 2034813 - CVE-2021-4155 kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL
- BZ - 2040358 - CVE-2022-0185 kernel: fs_context: heap overflow in legacy parameter handling
Red Hat Enterprise Linux for Real Time 8
SRPM
kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.src.rpm
SHA-256: b836882321f8dd1eed7baec9efc6f593f24d204f52b5667a8baf3dd16afcb915
x86_64
kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: d42a03c9b17fcbb7852c587dad9f50d0c1a486aead8131bcc77c632e9557fb4a
kernel-rt-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 4422ad40b05ecd975823fae5c5d3ab818a202cf940ad55d1160629ca8e278383
kernel-rt-debug-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 55645e4ac741f4b67a13659d203bdb352ece5051ed39640333fda50341ca40d7
kernel-rt-debug-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: e2b20a1332280635a6a7bd91ee2e40838f8f9f7297e84e7d52fe57201c753e06
kernel-rt-debug-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 8255b582fededcb9b6029a3421b48f11bcf64856f5f7d006f608305c6d334548
kernel-rt-debug-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: aad4d8739f038e0db9701012f7b59495652f74ab14ac7fb332512eb71428f4cf
kernel-rt-debug-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: e727db564604c0a890a3e26583016738c2d1faa391c305d0a4b37013035ec6c5
kernel-rt-debug-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 27c56fef48aaa800a5027865f8d97344f0100775b51778b13d30182706eda346
kernel-rt-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: cb28eaf7e8b2d437773d2096db8de521d37b961cfdd6c33f90f627a431652a8f
kernel-rt-debuginfo-common-x86_64-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 9469abee4b0fd7266daabd2c9fa37d777d70e8a640748cbdb5da6ff9c95146f8
kernel-rt-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 6374de05510b45b2b9692eeeb50a4fbf8d70cacede5a54c69bf40dcc4dbc33be
kernel-rt-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 1b93915c679c077ea4669a7cf007787b3edc30c8ea64b558d346126befd0674b
kernel-rt-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 29f345c7574658f88032ae2525dad7d6f72f4c04d85d5158e5ceb73858713e88
Red Hat Enterprise Linux for Real Time for NFV 8
SRPM
kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.src.rpm
SHA-256: b836882321f8dd1eed7baec9efc6f593f24d204f52b5667a8baf3dd16afcb915
x86_64
kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: d42a03c9b17fcbb7852c587dad9f50d0c1a486aead8131bcc77c632e9557fb4a
kernel-rt-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 4422ad40b05ecd975823fae5c5d3ab818a202cf940ad55d1160629ca8e278383
kernel-rt-debug-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 55645e4ac741f4b67a13659d203bdb352ece5051ed39640333fda50341ca40d7
kernel-rt-debug-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: e2b20a1332280635a6a7bd91ee2e40838f8f9f7297e84e7d52fe57201c753e06
kernel-rt-debug-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 8255b582fededcb9b6029a3421b48f11bcf64856f5f7d006f608305c6d334548
kernel-rt-debug-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: aad4d8739f038e0db9701012f7b59495652f74ab14ac7fb332512eb71428f4cf
kernel-rt-debug-kvm-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 5b8dd8d3a0097279f165a5f914217f800716661e8bd10a582a3010f4c918ba16
kernel-rt-debug-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: e727db564604c0a890a3e26583016738c2d1faa391c305d0a4b37013035ec6c5
kernel-rt-debug-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 27c56fef48aaa800a5027865f8d97344f0100775b51778b13d30182706eda346
kernel-rt-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: cb28eaf7e8b2d437773d2096db8de521d37b961cfdd6c33f90f627a431652a8f
kernel-rt-debuginfo-common-x86_64-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 9469abee4b0fd7266daabd2c9fa37d777d70e8a640748cbdb5da6ff9c95146f8
kernel-rt-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 6374de05510b45b2b9692eeeb50a4fbf8d70cacede5a54c69bf40dcc4dbc33be
kernel-rt-kvm-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: bbf976079d3c37ec25d5e2b817d21fcf751ab3fab17c62048dc461cf589b2ade
kernel-rt-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 1b93915c679c077ea4669a7cf007787b3edc30c8ea64b558d346126befd0674b
kernel-rt-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm
SHA-256: 29f345c7574658f88032ae2525dad7d6f72f4c04d85d5158e5ceb73858713e88
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.