[RHSA-2023:1659] kpatch-patch security update
Severity
Important
Affected Packages
12
CVEs
4
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)
ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266)
kernel: FUSE filesystem low-privileged user privileges escalation (CVE-2023-0386)
kpatch: mm/mremap.c: incomplete fix for CVE-2022-41222 (CVE-2023-1476)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| Package | Affected Version |
|---|---|
 pkg:rpm/redhat/kpatch-patch-4_18_0-425_3_1?arch=x86_64&distro=redhat-8
|
< 1-6.el8 |
|
pkg:rpm/redhat/kpatch-patch-4_18_0-425_3_1?arch=ppc64le&distro=redhat-8
|
< 1-6.el8 |
|
pkg:rpm/redhat/kpatch-patch-4_18_0-425_13_1?arch=x86_64&distro=redhat-8.7
|
< 1-2.el8_7 |
|
pkg:rpm/redhat/kpatch-patch-4_18_0-425_13_1?arch=ppc64le&distro=redhat-8.7
|
< 1-2.el8_7 |
|
pkg:rpm/redhat/kpatch-patch-4_18_0-425_10_1?arch=x86_64&distro=redhat-8.7
|
< 1-4.el8_7 |
|
pkg:rpm/redhat/kpatch-patch-4_18_0-425_10_1?arch=ppc64le&distro=redhat-8.7
|
< 1-4.el8_7 |
|
pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-8.7
|
< 4.18.0-425.10.1.el8_7 |
|
pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-8.7
|
< 4.18.0-425.13.1.el8_7 |
|
pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-8
|
< 4.18.0-425.3.1.el8 |
|
pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-8.7
|
< 4.18.0-425.10.1.el8_7 |
|
pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-8.7
|
< 4.18.0-425.13.1.el8_7 |
|
pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-8
|
< 4.18.0-425.3.1.el8 |
- ID
- RHSA-2023:1659
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2023:1659
- Published
-
2023-04-05T00:00:00
(17 months ago) - Modified
-
2023-04-05T00:00:00
(17 months ago) - Rights
- Copyright 2023 Red Hat, Inc.
- Other Advisories
-
-
ALSA-2023:0951
-
ALSA-2023:1470
-
ALSA-2023:1566
-
ALSA-2023:1703
-
CISA-2023:0330
-
DSA-5324-1
-
DSA-5402-1
-
ELSA-2022-10071
-
ELSA-2022-10072
-
ELSA-2022-10073
-
ELSA-2022-10078
-
ELSA-2022-10079
-
ELSA-2022-10080
-
ELSA-2022-10081
-
ELSA-2022-10108
-
ELSA-2023-0951
-
ELSA-2023-1091
-
ELSA-2023-12006
-
ELSA-2023-12007
-
ELSA-2023-12008
-
ELSA-2023-12009
-
ELSA-2023-12017
-
ELSA-2023-12018
-
ELSA-2023-12196
-
ELSA-2023-1470
-
ELSA-2023-1566
-
ELSA-2023-1703
-
ELSA-2023-1822
-
MS:CVE-2022-4378
-
MS:CVE-2023-0266
-
RHSA-2023:0951
-
RHSA-2023:0979
-
RHSA-2023:1008
-
RHSA-2023:1091
-
RHSA-2023:1092
-
RHSA-2023:1101
-
RHSA-2023:1469
-
RHSA-2023:1470
-
RHSA-2023:1471
-
RHSA-2023:1566
-
RHSA-2023:1584
-
RHSA-2023:1681
-
RHSA-2023:1691
-
RHSA-2023:1703
-
RLSA-2023:1470
-
RLSA-2023:1566
-
SSA:2023-048-01
-
SUSE-SU-2022:4503-1
-
SUSE-SU-2022:4504-1
-
SUSE-SU-2022:4505-1
-
SUSE-SU-2022:4506-1
-
SUSE-SU-2022:4510-1
-
SUSE-SU-2022:4513-1
-
SUSE-SU-2022:4515-1
-
SUSE-SU-2022:4516-1
-
SUSE-SU-2022:4517-1
-
SUSE-SU-2022:4518-1
-
SUSE-SU-2022:4520-1
-
SUSE-SU-2022:4527-1
-
SUSE-SU-2022:4528-1
-
SUSE-SU-2022:4533-1
-
SUSE-SU-2022:4534-1
-
SUSE-SU-2022:4539-1
-
SUSE-SU-2022:4542-1
-
SUSE-SU-2022:4543-1
-
SUSE-SU-2022:4544-1
-
SUSE-SU-2022:4545-1
-
SUSE-SU-2022:4546-1
-
SUSE-SU-2022:4550-1
-
SUSE-SU-2022:4551-1
-
SUSE-SU-2022:4559-1
-
SUSE-SU-2022:4560-1
-
SUSE-SU-2022:4562-1
-
SUSE-SU-2022:4566-1
-
SUSE-SU-2022:4569-1
-
SUSE-SU-2022:4572-1
-
SUSE-SU-2022:4573-1
-
SUSE-SU-2022:4574-1
-
SUSE-SU-2022:4577-1
-
SUSE-SU-2022:4580-1
-
SUSE-SU-2022:4585-1
-
SUSE-SU-2022:4587-1
-
SUSE-SU-2022:4589-1
-
SUSE-SU-2022:4595-1
-
SUSE-SU-2022:4613-1
-
SUSE-SU-2022:4614-1
-
SUSE-SU-2022:4615-1
-
SUSE-SU-2022:4616-1
-
SUSE-SU-2022:4617-1
-
SUSE-SU-2023:0152-1
-
SUSE-SU-2023:0394-1
-
SUSE-SU-2023:0406-1
-
SUSE-SU-2023:0433-1
-
SUSE-SU-2023:0485-1
-
SUSE-SU-2023:0488-1
-
SUSE-SU-2023:0618-1
-
SUSE-SU-2023:0634-1
-
SUSE-SU-2023:0779-1
-
SUSE-SU-2023:1576-1
-
SUSE-SU-2023:1591-1
-
SUSE-SU-2023:1592-1
-
SUSE-SU-2023:1595-1
-
SUSE-SU-2023:1602-1
-
SUSE-SU-2023:1619-1
-
SUSE-SU-2023:1639-1
-
SUSE-SU-2023:1640-1
-
SUSE-SU-2023:1647-1
-
SUSE-SU-2023:1649-1
-
SUSE-SU-2023:1653-1
-
SUSE-SU-2023:1708-1
-
SUSE-SU-2023:2140-1
-
SUSE-SU-2023:2141-1
-
SUSE-SU-2023:2231-1
-
SUSE-SU-2023:2368-1
-
SUSE-SU-2023:2369-1
-
SUSE-SU-2023:2371-1
-
SUSE-SU-2023:2384-1
-
SUSE-SU-2023:2425-1
-
SUSE-SU-2023:2428-1
-
SUSE-SU-2023:2431-1
-
SUSE-SU-2023:2443-1
-
SUSE-SU-2023:2455-1
-
SUSE-SU-2023:2459-1
-
SUSE-SU-2023:2468-1
-
SUSE-SU-2023:2809-1
-
USN-5799-1
-
USN-5803-1
-
USN-5809-1
-
USN-5814-1
-
USN-5831-1
-
USN-5832-1
-
USN-5860-1
-
USN-5877-1
-
USN-5879-1
-
USN-5883-1
-
USN-5915-1
-
USN-5917-1
-
USN-5919-1
-
USN-5920-1
-
USN-5924-1
-
USN-5927-1
-
USN-5934-1
-
USN-5939-1
-
USN-5940-1
-
USN-5951-1
-
USN-5970-1
-
USN-5975-1
-
USN-5979-1
-
USN-5981-1
-
USN-5982-1
-
USN-5984-1
-
USN-5987-1
-
USN-5991-1
-
USN-6000-1
-
USN-6004-1
-
USN-6009-1
-
USN-6025-1
-
USN-6030-1
-
USN-6040-1
-
USN-6043-1
-
USN-6057-1
-
USN-6071-1
-
USN-6072-1
-
USN-6134-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Bugzilla | 2152548 |
|
|
| Bugzilla | 2159505 |
|
|
| Bugzilla | 2163379 |
|
|
| Bugzilla | 2176035 |
|
|
| RHSA | RHSA-2023:1659 |
|
|
| CVE | CVE-2022-4378 |
|
|
| CVE | CVE-2023-0266 |
|
|
| CVE | CVE-2023-0386 |
|
|
| CVE | CVE-2023-1476 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/redhat/kpatch-patch-4_18_0-425_3_1?arch=x86_64&distro=redhat-8 | redhat |
kpatch-patch-4_18_0-425_3_1
|
< 1-6.el8 | redhat-8 | x86_64 | |
| Affected | pkg:rpm/redhat/kpatch-patch-4_18_0-425_3_1?arch=ppc64le&distro=redhat-8 | redhat |
kpatch-patch-4_18_0-425_3_1
|
< 1-6.el8 | redhat-8 | ppc64le | |
| Affected | pkg:rpm/redhat/kpatch-patch-4_18_0-425_13_1?arch=x86_64&distro=redhat-8.7 | redhat |
kpatch-patch-4_18_0-425_13_1
|
< 1-2.el8_7 | redhat-8.7 | x86_64 | |
| Affected | pkg:rpm/redhat/kpatch-patch-4_18_0-425_13_1?arch=ppc64le&distro=redhat-8.7 | redhat |
kpatch-patch-4_18_0-425_13_1
|
< 1-2.el8_7 | redhat-8.7 | ppc64le | |
| Affected | pkg:rpm/redhat/kpatch-patch-4_18_0-425_10_1?arch=x86_64&distro=redhat-8.7 | redhat |
kpatch-patch-4_18_0-425_10_1
|
< 1-4.el8_7 | redhat-8.7 | x86_64 | |
| Affected | pkg:rpm/redhat/kpatch-patch-4_18_0-425_10_1?arch=ppc64le&distro=redhat-8.7 | redhat |
kpatch-patch-4_18_0-425_10_1
|
< 1-4.el8_7 | redhat-8.7 | ppc64le | |
| Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-8.7 | redhat |
kernel
|
< 4.18.0-425.10.1.el8_7 | redhat-8.7 | x86_64 | |
| Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-8.7 | redhat |
kernel
|
< 4.18.0-425.13.1.el8_7 | redhat-8.7 | x86_64 | |
| Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-8 | redhat |
kernel
|
< 4.18.0-425.3.1.el8 | redhat-8 | x86_64 | |
| Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-8.7 | redhat |
kernel
|
< 4.18.0-425.10.1.el8_7 | redhat-8.7 | ppc64le | |
| Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-8.7 | redhat |
kernel
|
< 4.18.0-425.13.1.el8_7 | redhat-8.7 | ppc64le | |
| Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-8 | redhat |
kernel
|
< 4.18.0-425.3.1.el8 | redhat-8 | ppc64le |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |