[RHSA-2023:1471] kpatch-patch security update
Severity
Important
Affected Packages
12
CVEs
2
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744)
ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Package | Affected Version |
---|---|
pkg:rpm/redhat/kpatch-patch-5_14_0-162_6_1?arch=x86_64&distro=redhat-9.1 | < 1-3.el9_1 |
pkg:rpm/redhat/kpatch-patch-5_14_0-162_6_1?arch=ppc64le&distro=redhat-9.1 | < 1-3.el9_1 |
pkg:rpm/redhat/kpatch-patch-5_14_0-162_18_1?arch=x86_64&distro=redhat-9.1 | < 1-1.el9_1 |
pkg:rpm/redhat/kpatch-patch-5_14_0-162_18_1?arch=ppc64le&distro=redhat-9.1 | < 1-1.el9_1 |
pkg:rpm/redhat/kpatch-patch-5_14_0-162_12_1?arch=x86_64&distro=redhat-9.1 | < 1-2.el9_1 |
pkg:rpm/redhat/kpatch-patch-5_14_0-162_12_1?arch=ppc64le&distro=redhat-9.1 | < 1-2.el9_1 |
pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.1 | < 5.14.0-162.6.1.el9_1 |
pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.1 | < 5.14.0-162.12.1.el9_1 |
pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.1 | < 5.14.0-162.18.1.el9_1 |
pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.1 | < 5.14.0-162.6.1.el9_1 |
pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.1 | < 5.14.0-162.12.1.el9_1 |
pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.1 | < 5.14.0-162.18.1.el9_1 |
- ID
- RHSA-2023:1471
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2023:1471
- Published
-
2023-03-27T00:00:00
(17 months ago) - Modified
-
2023-03-27T00:00:00
(17 months ago) - Rights
- Copyright 2023 Red Hat, Inc.
- Other Advisories
-
- ALSA-2023:1470
- ALSA-2023:1566
- ALSA-2023:7077
- CISA-2023:0330
- DSA-5324-1
- ELSA-2023-12196
- ELSA-2023-1470
- ELSA-2023-1566
- ELSA-2023-7077
- MS:CVE-2023-0266
- RHSA-2023:1469
- RHSA-2023:1470
- RHSA-2023:1566
- RHSA-2023:1584
- RHSA-2023:1659
- RHSA-2023:6901
- RHSA-2023:7077
- RLSA-2023:1470
- RLSA-2023:1566
- SSA:2023-048-01
- SUSE-SU-2023:0152-1
- SUSE-SU-2023:0394-1
- SUSE-SU-2023:0406-1
- SUSE-SU-2023:0433-1
- SUSE-SU-2023:0485-1
- SUSE-SU-2023:0488-1
- SUSE-SU-2023:0618-1
- SUSE-SU-2023:0634-1
- SUSE-SU-2023:0779-1
- SUSE-SU-2023:1576-1
- SUSE-SU-2023:1591-1
- SUSE-SU-2023:1592-1
- SUSE-SU-2023:1595-1
- SUSE-SU-2023:1602-1
- SUSE-SU-2023:1619-1
- SUSE-SU-2023:1639-1
- SUSE-SU-2023:1640-1
- SUSE-SU-2023:1647-1
- SUSE-SU-2023:1649-1
- SUSE-SU-2023:1653-1
- SUSE-SU-2023:1708-1
- SUSE-SU-2023:1800-1
- SUSE-SU-2023:1802-1
- SUSE-SU-2023:1811-1
- SUSE-SU-2023:1892-1
- SUSE-SU-2023:1897-1
- SUSE-SU-2023:1992-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2694-1
- SUSE-SU-2023:2695-1
- SUSE-SU-2023:2698-1
- SUSE-SU-2023:2701-1
- SUSE-SU-2023:2710-1
- SUSE-SU-2023:2714-1
- SUSE-SU-2023:2724-1
- SUSE-SU-2023:2727-1
- SUSE-SU-2023:2741-1
- SUSE-SU-2023:2755-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2024:1321-1
- SUSE-SU-2024:1322-1
- SUSE-SU-2024:1454-1
- SUSE-SU-2024:1466-1
- SUSE-SU-2024:1480-1
- SUSE-SU-2024:1489-1
- SUSE-SU-2024:1490-1
- USN-5915-1
- USN-5917-1
- USN-5924-1
- USN-5927-1
- USN-5934-1
- USN-5939-1
- USN-5940-1
- USN-5951-1
- USN-5970-1
- USN-5975-1
- USN-5979-1
- USN-5981-1
- USN-5982-1
- USN-5984-1
- USN-5987-1
- USN-5991-1
- USN-6000-1
- USN-6004-1
- USN-6009-1
- USN-6030-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 2156322 | https://bugzilla.redhat.com/2156322 | |
Bugzilla | 2163379 | https://bugzilla.redhat.com/2163379 | |
RHSA | RHSA-2023:1471 | https://access.redhat.com/errata/RHSA-2023:1471 | |
CVE | CVE-2022-4744 | https://access.redhat.com/security/cve/CVE-2022-4744 | |
CVE | CVE-2023-0266 | https://access.redhat.com/security/cve/CVE-2023-0266 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-162_6_1?arch=x86_64&distro=redhat-9.1 | redhat | kpatch-patch-5_14_0-162_6_1 | < 1-3.el9_1 | redhat-9.1 | x86_64 | |
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-162_6_1?arch=ppc64le&distro=redhat-9.1 | redhat | kpatch-patch-5_14_0-162_6_1 | < 1-3.el9_1 | redhat-9.1 | ppc64le | |
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-162_18_1?arch=x86_64&distro=redhat-9.1 | redhat | kpatch-patch-5_14_0-162_18_1 | < 1-1.el9_1 | redhat-9.1 | x86_64 | |
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-162_18_1?arch=ppc64le&distro=redhat-9.1 | redhat | kpatch-patch-5_14_0-162_18_1 | < 1-1.el9_1 | redhat-9.1 | ppc64le | |
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-162_12_1?arch=x86_64&distro=redhat-9.1 | redhat | kpatch-patch-5_14_0-162_12_1 | < 1-2.el9_1 | redhat-9.1 | x86_64 | |
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-162_12_1?arch=ppc64le&distro=redhat-9.1 | redhat | kpatch-patch-5_14_0-162_12_1 | < 1-2.el9_1 | redhat-9.1 | ppc64le | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.1 | redhat | kernel | < 5.14.0-162.6.1.el9_1 | redhat-9.1 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.1 | redhat | kernel | < 5.14.0-162.12.1.el9_1 | redhat-9.1 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.1 | redhat | kernel | < 5.14.0-162.18.1.el9_1 | redhat-9.1 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.1 | redhat | kernel | < 5.14.0-162.6.1.el9_1 | redhat-9.1 | ppc64le | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.1 | redhat | kernel | < 5.14.0-162.12.1.el9_1 | redhat-9.1 | ppc64le | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.1 | redhat | kernel | < 5.14.0-162.18.1.el9_1 | redhat-9.1 | ppc64le |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |