Headline
RHSA-2022:1209: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2020-8647: kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c
- CVE-2020-8649: kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c
- CVE-2022-0435: kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
- Red Hat CodeReady Studio
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-04-05
Updated:
2022-04-05
RHSA-2022:1209 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS (CVE-2022-0435)
- kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c (CVE-2020-8647)
- kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c (CVE-2020-8649)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- kernel-rt: update RT source tree to the latest RHEL-8.2.z16 Batch (BZ#2066950)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.2 x86_64
- Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.2 x86_64
Fixes
- BZ - 1802555 - CVE-2020-8649 kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c
- BZ - 1802563 - CVE-2020-8647 kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c
- BZ - 2048738 - CVE-2022-0435 kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.2
SRPM
kernel-rt-4.18.0-193.80.1.rt13.130.el8_2.src.rpm
SHA-256: 841f4ff65d55dee9e0d159aa298edffc125bb13ad99b08950c213fb09507becc
x86_64
kernel-rt-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 442987feff4b7e6237ae8181bc4cd13ed19038b18801dea7409f40bec36efcbc
kernel-rt-core-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 5b0a26917c9d4553c50614a41174932a82cebd4a1f857cda99d32260f81183ba
kernel-rt-debug-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 41cc79b648e3feeaa8ad312004bc5a28ae623d1e6f4299ead2747b24dd0b6918
kernel-rt-debug-core-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 59ec4230f22ab90d0eed8180e4bbc4d068f0ab0f3ffb32ac30f7af11795d61b6
kernel-rt-debug-debuginfo-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: b016eafa2bf55ff848d4dbd7dd8ac1618366187f7ea790ad951f629a58580509
kernel-rt-debug-devel-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: ddd203e21c7300feba22c2057faab62ac8a6e81a91bec1804bca7833a172c883
kernel-rt-debug-modules-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 02900cdb3925fd5166f8a95b6a102ec6b47d41233667f5f855e5b3591c29ec25
kernel-rt-debug-modules-extra-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: a990114633e5d5e9c73f12cd44cd436eb7e0ec4a1cea869386c0e1c46e41d3a1
kernel-rt-debuginfo-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: e9d32497a78f6c24eb4677d421b1399e1e220c1c66165014bb928b17f6941080
kernel-rt-debuginfo-common-x86_64-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 8276788bd6ed59f7375ca72d54946743575e48d9eb8249bf7a7385caaf20dbb8
kernel-rt-devel-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 75892bec53949590d5242ba363b53074316969c0752ab7aa334c9a28d5a3e07f
kernel-rt-modules-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: b4fd16e0ad7ba56c530b2a34717526132643f4ec707e0f987a1118ecf1a67219
kernel-rt-modules-extra-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 8cd54705b5424ffd9c7fe2eca88ce91f7bbbded04a54b61ba61c7f3252f2c378
Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.2
SRPM
kernel-rt-4.18.0-193.80.1.rt13.130.el8_2.src.rpm
SHA-256: 841f4ff65d55dee9e0d159aa298edffc125bb13ad99b08950c213fb09507becc
x86_64
kernel-rt-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 442987feff4b7e6237ae8181bc4cd13ed19038b18801dea7409f40bec36efcbc
kernel-rt-core-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 5b0a26917c9d4553c50614a41174932a82cebd4a1f857cda99d32260f81183ba
kernel-rt-debug-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 41cc79b648e3feeaa8ad312004bc5a28ae623d1e6f4299ead2747b24dd0b6918
kernel-rt-debug-core-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 59ec4230f22ab90d0eed8180e4bbc4d068f0ab0f3ffb32ac30f7af11795d61b6
kernel-rt-debug-debuginfo-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: b016eafa2bf55ff848d4dbd7dd8ac1618366187f7ea790ad951f629a58580509
kernel-rt-debug-devel-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: ddd203e21c7300feba22c2057faab62ac8a6e81a91bec1804bca7833a172c883
kernel-rt-debug-kvm-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: e545e21dc18eec58ae396b6ac6181dc81e0266ef0ee6576fa646e7a8529946cd
kernel-rt-debug-modules-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 02900cdb3925fd5166f8a95b6a102ec6b47d41233667f5f855e5b3591c29ec25
kernel-rt-debug-modules-extra-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: a990114633e5d5e9c73f12cd44cd436eb7e0ec4a1cea869386c0e1c46e41d3a1
kernel-rt-debuginfo-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: e9d32497a78f6c24eb4677d421b1399e1e220c1c66165014bb928b17f6941080
kernel-rt-debuginfo-common-x86_64-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 8276788bd6ed59f7375ca72d54946743575e48d9eb8249bf7a7385caaf20dbb8
kernel-rt-devel-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 75892bec53949590d5242ba363b53074316969c0752ab7aa334c9a28d5a3e07f
kernel-rt-kvm-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: b9904ff9daf68ab41af805f75a6143371c13a582308cd03f14f9f6c684c2c6dc
kernel-rt-modules-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: b4fd16e0ad7ba56c530b2a34717526132643f4ec707e0f987a1118ecf1a67219
kernel-rt-modules-extra-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm
SHA-256: 8cd54705b5424ffd9c7fe2eca88ce91f7bbbded04a54b61ba61c7f3252f2c378
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.