[RHSA-2023:4378] kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090)
kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() (CVE-2023-35788)
kernel: KVM: x86/mmu: race condition in direct_page_fault() (CVE-2022-45869)
kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c (CVE-2023-0458)
kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
RHEL9 rt: blktests block/024 failed (BZ#2209920)
Backport pinned timers RT specific behavior for FIFO tasks (BZ#2210071)
kernel-rt: update RT source tree to the RHEL-9.2z2 source tree (BZ#2215122)
kernel-rt: update RT source tree to the RHEL-9.2z2b source tree (BZ#2222796)
- ID
- RHSA-2023:4378
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2023:4378
- Published
-
2023-08-01T00:00:00
(13 months ago) - Modified
-
2023-08-01T00:00:00
(13 months ago) - Rights
- Copyright 2023 Red Hat, Inc.
- Other Advisories
-
- ALAS-2023-1701
- ALAS2-2023-1987
- ALAS2-2023-2100
- ALSA-2023:4377
- ALSA-2023:5244
- ALSA-2023:7077
- DSA-5448-1
- DSA-5480-1
- ELSA-2023-12116
- ELSA-2023-12120
- ELSA-2023-12375
- ELSA-2023-12688
- ELSA-2023-4377
- ELSA-2023-4819
- ELSA-2023-5244
- ELSA-2023-7077
- MS:CVE-2022-45869
- MS:CVE-2023-0458
- MS:CVE-2023-3090
- RHSA-2023:4377
- RHSA-2023:4380
- RHSA-2023:4819
- RHSA-2023:4821
- RHSA-2023:4834
- RHSA-2023:5221
- RHSA-2023:5244
- RHSA-2023:5255
- RHSA-2023:6901
- RHSA-2023:7077
- RLSA-2023:5244
- SSA:2023-048-01
- SSA:2023-325-01
- SUSE-SU-2022:4504-1
- SUSE-SU-2022:4585-1
- SUSE-SU-2022:4617-1
- SUSE-SU-2023:2140-1
- SUSE-SU-2023:2141-1
- SUSE-SU-2023:2146-1
- SUSE-SU-2023:2147-1
- SUSE-SU-2023:2148-1
- SUSE-SU-2023:2151-1
- SUSE-SU-2023:2156-1
- SUSE-SU-2023:2162-1
- SUSE-SU-2023:2163-1
- SUSE-SU-2023:2231-1
- SUSE-SU-2023:2232-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2782-1
- SUSE-SU-2023:2803-1
- SUSE-SU-2023:2804-1
- SUSE-SU-2023:2805-1
- SUSE-SU-2023:2808-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2810-1
- SUSE-SU-2023:2820-1
- SUSE-SU-2023:2822-1
- SUSE-SU-2023:2830-1
- SUSE-SU-2023:2831-1
- SUSE-SU-2023:2834-1
- SUSE-SU-2023:2859-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2023:2892-1
- SUSE-SU-2023:3035-1
- SUSE-SU-2023:3036-1
- SUSE-SU-2023:3041-1
- SUSE-SU-2023:3055-1
- SUSE-SU-2023:3063-1
- SUSE-SU-2023:3075-1
- SUSE-SU-2023:3076-1
- SUSE-SU-2023:3079-1
- SUSE-SU-2023:3081-1
- SUSE-SU-2023:3107-1
- SUSE-SU-2023:3111-1
- SUSE-SU-2023:3115-1
- SUSE-SU-2023:3116-1
- SUSE-SU-2023:3153-1
- SUSE-SU-2023:3302-1
- SUSE-SU-2023:3566-1
- SUSE-SU-2023:3571-1
- SUSE-SU-2023:3576-1
- SUSE-SU-2023:3582-1
- SUSE-SU-2023:3585-1
- SUSE-SU-2023:3592-1
- SUSE-SU-2023:3594-1
- SUSE-SU-2023:3595-1
- SUSE-SU-2023:3596-1
- SUSE-SU-2023:3603-1
- SUSE-SU-2023:3607-1
- SUSE-SU-2023:3612-1
- SUSE-SU-2023:3620-1
- SUSE-SU-2023:3621-1
- SUSE-SU-2023:3623-1
- SUSE-SU-2023:3627-1
- SUSE-SU-2023:3628-1
- SUSE-SU-2023:3629-1
- SUSE-SU-2023:3630-1
- SUSE-SU-2023:3631-1
- SUSE-SU-2023:3644-1
- SUSE-SU-2023:3647-1
- SUSE-SU-2023:3648-1
- SUSE-SU-2023:3657-1
- SUSE-SU-2023:3668-1
- SUSE-SU-2023:3671-1
- SUSE-SU-2023:3675-1
- SUSE-SU-2023:3676-1
- USN-5911-1
- USN-5912-1
- USN-5929-1
- USN-5935-1
- USN-5938-1
- USN-5941-1
- USN-5950-1
- USN-5962-1
- USN-6033-1
- USN-6079-1
- USN-6091-1
- USN-6093-1
- USN-6096-1
- USN-6134-1
- USN-6171-1
- USN-6172-1
- USN-6185-1
- USN-6187-1
- USN-6192-1
- USN-6193-1
- USN-6194-1
- USN-6205-1
- USN-6206-1
- USN-6207-1
- USN-6212-1
- USN-6220-1
- USN-6222-1
- USN-6223-1
- USN-6231-1
- USN-6234-1
- USN-6235-1
- USN-6246-1
- USN-6250-1
- USN-6251-1
- USN-6252-1
- USN-6254-1
- USN-6255-1
- USN-6256-1
- USN-6260-1
- USN-6261-1
- USN-6341-1
- USN-6385-1
- USN-6739-1
- USN-6740-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 2151317 | https://bugzilla.redhat.com/2151317 | |
Bugzilla | 2187257 | https://bugzilla.redhat.com/2187257 | |
Bugzilla | 2193219 | https://bugzilla.redhat.com/2193219 | |
Bugzilla | 2215768 | https://bugzilla.redhat.com/2215768 | |
Bugzilla | 2218672 | https://bugzilla.redhat.com/2218672 | |
RHSA | RHSA-2023:4378 | https://access.redhat.com/errata/RHSA-2023:4378 | |
CVE | CVE-2022-45869 | https://access.redhat.com/security/cve/CVE-2022-45869 | |
CVE | CVE-2023-0458 | https://access.redhat.com/security/cve/CVE-2023-0458 | |
CVE | CVE-2023-1998 | https://access.redhat.com/security/cve/CVE-2023-1998 | |
CVE | CVE-2023-3090 | https://access.redhat.com/security/cve/CVE-2023-3090 | |
CVE | CVE-2023-35788 | https://access.redhat.com/security/cve/CVE-2023-35788 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/kernel-rt?arch=x86_64&distro=redhat-9.2 | redhat | kernel-rt | < 5.14.0-284.25.1.rt14.310.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-modules?arch=x86_64&distro=redhat-9.2 | redhat | kernel-rt-modules | < 5.14.0-284.25.1.rt14.310.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-modules-extra?arch=x86_64&distro=redhat-9.2 | redhat | kernel-rt-modules-extra | < 5.14.0-284.25.1.rt14.310.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-modules-core?arch=x86_64&distro=redhat-9.2 | redhat | kernel-rt-modules-core | < 5.14.0-284.25.1.rt14.310.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-kvm?arch=x86_64&distro=redhat-9.2 | redhat | kernel-rt-kvm | < 5.14.0-284.25.1.rt14.310.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-devel?arch=x86_64&distro=redhat-9.2 | redhat | kernel-rt-devel | < 5.14.0-284.25.1.rt14.310.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug?arch=x86_64&distro=redhat-9.2 | redhat | kernel-rt-debug | < 5.14.0-284.25.1.rt14.310.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-modules?arch=x86_64&distro=redhat-9.2 | redhat | kernel-rt-debug-modules | < 5.14.0-284.25.1.rt14.310.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-modules-extra?arch=x86_64&distro=redhat-9.2 | redhat | kernel-rt-debug-modules-extra | < 5.14.0-284.25.1.rt14.310.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-modules-core?arch=x86_64&distro=redhat-9.2 | redhat | kernel-rt-debug-modules-core | < 5.14.0-284.25.1.rt14.310.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-kvm?arch=x86_64&distro=redhat-9.2 | redhat | kernel-rt-debug-kvm | < 5.14.0-284.25.1.rt14.310.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-devel?arch=x86_64&distro=redhat-9.2 | redhat | kernel-rt-debug-devel | < 5.14.0-284.25.1.rt14.310.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-debug-core?arch=x86_64&distro=redhat-9.2 | redhat | kernel-rt-debug-core | < 5.14.0-284.25.1.rt14.310.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel-rt-core?arch=x86_64&distro=redhat-9.2 | redhat | kernel-rt-core | < 5.14.0-284.25.1.rt14.310.el9_2 | redhat-9.2 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |