RHSA-2022:0232: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-4155: kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL
  • CVE-2022-0185: kernel: fs_context: heap overflow in legacy parameter handling
Red Hat Security Data

Issued: 2022-01-24

Updated: 2022-01-24

RHSA-2022:0232 - Security Advisory

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

  • kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL (CVE-2021-4155)
  • kernel: fs_context: heap overflow in legacy parameter handling (CVE-2022-0185)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le

Fixes

  • BZ - 2034813 - CVE-2021-4155 kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL
  • BZ - 2040358 - CVE-2022-0185 kernel: fs_context: heap overflow in legacy parameter handling

Red Hat Enterprise Linux for x86_64 8

SRPM

  • kpatch-patch-4_18_0-348-1-2.el8.src.rpm
  • kpatch-patch-4_18_0-348_2_1-1-1.el8_5.src.rpm
  • kpatch-patch-4_18_0-348_7_1-1-1.el8_5.src.rpm

x86_64

  • kpatch-patch-4_18_0-348-1-2.el8.x86_64.rpm
  • kpatch-patch-4_18_0-348-debuginfo-1-2.el8.x86_64.rpm
  • kpatch-patch-4_18_0-348-debugsource-1-2.el8.x86_64.rpm
  • kpatch-patch-4_18_0-348_2_1-1-1.el8_5.x86_64.rpm
  • kpatch-patch-4_18_0-348_2_1-debuginfo-1-1.el8_5.x86_64.rpm
  • kpatch-patch-4_18_0-348_2_1-debugsource-1-1.el8_5.x86_64.rpm
  • kpatch-patch-4_18_0-348_7_1-1-1.el8_5.x86_64.rpm
  • kpatch-patch-4_18_0-348_7_1-debuginfo-1-1.el8_5.x86_64.rpm
  • kpatch-patch-4_18_0-348_7_1-debugsource-1-1.el8_5.x86_64.rpm

Red Hat Enterprise Linux for Power, little endian 8

SRPM

  • kpatch-patch-4_18_0-348-1-2.el8.src.rpm
  • kpatch-patch-4_18_0-348_2_1-1-1.el8_5.src.rpm
  • kpatch-patch-4_18_0-348_7_1-1-1.el8_5.src.rpm

ppc64le

  • kpatch-patch-4_18_0-348-1-2.el8.ppc64le.rpm
  • kpatch-patch-4_18_0-348-debuginfo-1-2.el8.ppc64le.rpm
  • kpatch-patch-4_18_0-348-debugsource-1-2.el8.ppc64le.rpm
  • kpatch-patch-4_18_0-348_2_1-1-1.el8_5.ppc64le.rpm
  • kpatch-patch-4_18_0-348_2_1-debuginfo-1-1.el8_5.ppc64le.rpm
  • kpatch-patch-4_18_0-348_2_1-debugsource-1-1.el8_5.ppc64le.rpm
  • kpatch-patch-4_18_0-348_7_1-1-1.el8_5.ppc64le.rpm
  • kpatch-patch-4_18_0-348_7_1-debuginfo-1-1.el8_5.ppc64le.rpm
  • kpatch-patch-4_18_0-348_7_1-debugsource-1-1.el8_5.ppc64le.rpm

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
