[RHSA-2023:3705] kpatch-patch security update
Severity
Important
Affected Packages
4
CVEs
2
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events (CVE-2023-2235)
kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation (CVE-2023-32233)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Package | Affected Version |
---|---|
pkg:rpm/redhat/kpatch-patch-5_14_0-284_11_1?arch=x86_64&distro=redhat-9.2 | < 1-1.el9_2 |
pkg:rpm/redhat/kpatch-patch-5_14_0-284_11_1?arch=ppc64le&distro=redhat-9.2 | < 1-1.el9_2 |
pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.2 | < 5.14.0-284.11.1.el9_2 |
pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.2 | < 5.14.0-284.11.1.el9_2 |
- ID
- RHSA-2023:3705
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2023:3705
- Published
-
2023-06-21T00:00:00
(15 months ago) - Modified
-
2023-06-21T00:00:00
(15 months ago) - Rights
- Copyright 2023 Red Hat, Inc.
- Other Advisories
-
- ALAS-2023-1750
- ALAS2-2023-2050
- ALPINE:CVE-2023-32233
- ALSA-2023:3349
- ALSA-2023:3723
- ALSA-2023:4517
- DSA-5402-1
- ELSA-2023-12393
- ELSA-2023-12394
- ELSA-2023-12412
- ELSA-2023-12413
- ELSA-2023-3349
- ELSA-2023-3723
- ELSA-2023-4517
- ELSA-2023-5622
- MS:CVE-2023-2235
- RHSA-2023:3349
- RHSA-2023:3350
- RHSA-2023:3351
- RHSA-2023:3708
- RHSA-2023:3723
- RHSA-2023:4517
- RHSA-2023:4541
- RHSA-2023:5574
- RHSA-2023:5621
- RHSA-2023:5622
- RLSA-2023:4517
- SSA:2023-172-02
- SUSE-SU-2023:2140-1
- SUSE-SU-2023:2141-1
- SUSE-SU-2023:2231-1
- SUSE-SU-2023:2500-1
- SUSE-SU-2023:2502-1
- SUSE-SU-2023:2611-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2651-1
- SUSE-SU-2023:2653-1
- SUSE-SU-2023:2782-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2023:3055-1
- SUSE-SU-2023:3063-1
- SUSE-SU-2023:3079-1
- SUSE-SU-2023:3116-1
- SUSE-SU-2023:3153-1
- SUSE-SU-2023:3594-1
- SUSE-SU-2023:3595-1
- SUSE-SU-2023:3607-1
- SUSE-SU-2023:3612-1
- SUSE-SU-2023:3620-1
- SUSE-SU-2023:3623-1
- SUSE-SU-2023:3627-1
- SUSE-SU-2023:3628-1
- SUSE-SU-2023:3630-1
- SUSE-SU-2023:3644-1
- SUSE-SU-2023:3647-1
- SUSE-SU-2023:3648-1
- SUSE-SU-2023:3668-1
- SUSE-SU-2023:3671-1
- SUSE-SU-2023:3675-1
- USN-6122-1
- USN-6123-1
- USN-6124-1
- USN-6127-1
- USN-6130-1
- USN-6131-1
- USN-6132-1
- USN-6135-1
- USN-6149-1
- USN-6150-1
- USN-6162-1
- USN-6175-1
- USN-6186-1
- USN-6222-1
- USN-6256-1
- USN-6300-1
- USN-6311-1
- USN-6332-1
- USN-6347-1
- USN-6385-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 2192589 | https://bugzilla.redhat.com/2192589 | |
Bugzilla | 2196105 | https://bugzilla.redhat.com/2196105 | |
RHSA | RHSA-2023:3705 | https://access.redhat.com/errata/RHSA-2023:3705 | |
CVE | CVE-2023-2235 | https://access.redhat.com/security/cve/CVE-2023-2235 | |
CVE | CVE-2023-32233 | https://access.redhat.com/security/cve/CVE-2023-32233 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-284_11_1?arch=x86_64&distro=redhat-9.2 | redhat | kpatch-patch-5_14_0-284_11_1 | < 1-1.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-284_11_1?arch=ppc64le&distro=redhat-9.2 | redhat | kpatch-patch-5_14_0-284_11_1 | < 1-1.el9_2 | redhat-9.2 | ppc64le | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.2 | redhat | kernel | < 5.14.0-284.11.1.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.2 | redhat | kernel | < 5.14.0-284.11.1.el9_2 | redhat-9.2 | ppc64le |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |