RHSA-2022:1106: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-0920: kernel: Use After Free in unix_gc() which could result in a local privilege escalation
  • CVE-2022-0330: kernel: possible privileges escalation due to missing TLB flush
Red Hat Security Data

Issued: 2022-03-29

Updated: 2022-03-29

RHSA-2022:1106 - Security Advisory

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Topic

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: Use After Free in unix_gc() which could result in a local privilege escalation (CVE-2021-0920)
  • kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 7.3 x86_64

Fixes

  • BZ - 2031930 - CVE-2021-0920 kernel: Use After Free in unix_gc() which could result in a local privilege escalation
  • BZ - 2042404 - CVE-2022-0330 kernel: possible privileges escalation due to missing TLB flush

Red Hat Enterprise Linux Server - AUS 7.3

SRPM

kernel-3.10.0-514.99.1.el7.src.rpm

SHA-256: e119bf02c3ed0ee3d44a8efc9fcf5b853d1f33a5be7d01f27832a8f283303e1b

x86_64

kernel-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: b137e9ace4b4be90259e7ef3438622d3ac23419769cc6bf26212892831259351

kernel-abi-whitelists-3.10.0-514.99.1.el7.noarch.rpm

SHA-256: 27a1cd56063f40ed660217ab6e4ff66d06320168e9a25ec12c4433b57693206d

kernel-debug-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: 5fe6d29844020b7449162f488de920c6797d1b82084085ba69e79bd3256984a8

kernel-debug-debuginfo-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: 64f2dd57d88513561d67d2313d193ef1ecd996b23ba8165e34ce24b0110a4480

kernel-debug-devel-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: 2091e31dfcf8a3ed632897e0b54c7fc04292ef49cf4491251ccce8db2b35fa97

kernel-debuginfo-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: 8d09f7c7dfbf58bfbbe8e48e389b17fe952181ee3c6762c6105d3dda132cafc6

kernel-debuginfo-common-x86_64-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: f74df9cda17275879217cc63060718c124bc5ef308b8d99df5b06043b49f9a38

kernel-devel-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: 471e8f7c80a9109f4e1be04ceb1b8661d63b11cafb769dacadab0ac31df71644

kernel-doc-3.10.0-514.99.1.el7.noarch.rpm

SHA-256: e933474ba20c67eb23858719863b3dc3f93e8c5338bdfca54507ae6b9e3d9a24

kernel-headers-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: 15c5d8fa60f409aa5e3c122f4ddf1a2fd90a841fa6f91f15ea058967dfeedabc

kernel-tools-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: 5365a1713f3bf66f082f4f4723828c818353a546563db84de4b7bc52d2c21239

kernel-tools-debuginfo-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: 098d9ce734170cc4a3458e638365b9aa1590acc20ed2ad61c95c29ec6c27d6fb

kernel-tools-libs-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: cf2e22b3425c9ef88495e0f44dc1364c349489acf49d47c5c5e9ac946d6eee39

kernel-tools-libs-devel-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: 32a229a43311b27fe20513306b3395ad4240e06867d7fe6d854b261e6cf5e34f

perf-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: 5676585804c74ebf4601b9c39839e93b8df5e954446e270871eccc74b6d86095

perf-debuginfo-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: 0b7baf1d7943a346a9e3f2e7d7408c7a4965f22b0a70723e2884867c32bd7be8

python-perf-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: 632798e53dc55fb2fb4a33763699d2ad92f3c9822da664d940507755e3b53080

python-perf-debuginfo-3.10.0-514.99.1.el7.x86_64.rpm

SHA-256: 0e35c3c9ab15bc2d5ee9186c3c1aa32f264550dc6d88d5c45cf595d4c8b05e64

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
