[RHSA-2023:4380] kpatch-patch security update
Severity
Important
Affected Packages
8
CVEs
2
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090)
kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() (CVE-2023-35788)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Package | Affected Version |
---|---|
pkg:rpm/redhat/kpatch-patch-5_14_0-284_18_1?arch=x86_64&distro=redhat-9.2 | < 1-1.el9_2 |
pkg:rpm/redhat/kpatch-patch-5_14_0-284_18_1?arch=ppc64le&distro=redhat-9.2 | < 1-1.el9_2 |
pkg:rpm/redhat/kpatch-patch-5_14_0-284_11_1?arch=x86_64&distro=redhat-9.2 | < 1-2.el9_2 |
pkg:rpm/redhat/kpatch-patch-5_14_0-284_11_1?arch=ppc64le&distro=redhat-9.2 | < 1-2.el9_2 |
pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.2 | < 5.14.0-284.11.1.el9_2 |
pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.2 | < 5.14.0-284.18.1.el9_2 |
pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.2 | < 5.14.0-284.11.1.el9_2 |
pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.2 | < 5.14.0-284.18.1.el9_2 |
- ID
- RHSA-2023:4380
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2023:4380
- Published
-
2023-08-01T00:00:00
(13 months ago) - Modified
-
2023-08-01T00:00:00
(13 months ago) - Rights
- Copyright 2023 Red Hat, Inc.
- Other Advisories
-
- ALAS2-2023-2100
- ALSA-2023:4377
- ALSA-2023:5244
- DSA-5448-1
- DSA-5480-1
- ELSA-2023-12688
- ELSA-2023-4377
- ELSA-2023-4819
- ELSA-2023-5244
- MS:CVE-2023-3090
- RHSA-2023:4377
- RHSA-2023:4378
- RHSA-2023:4819
- RHSA-2023:4821
- RHSA-2023:4834
- RHSA-2023:5221
- RHSA-2023:5244
- RHSA-2023:5255
- RLSA-2023:5244
- SSA:2023-325-01
- SUSE-SU-2023:2782-1
- SUSE-SU-2023:2803-1
- SUSE-SU-2023:2804-1
- SUSE-SU-2023:2805-1
- SUSE-SU-2023:2808-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2810-1
- SUSE-SU-2023:2820-1
- SUSE-SU-2023:2822-1
- SUSE-SU-2023:2830-1
- SUSE-SU-2023:2831-1
- SUSE-SU-2023:2834-1
- SUSE-SU-2023:2859-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2023:2892-1
- SUSE-SU-2023:3035-1
- SUSE-SU-2023:3036-1
- SUSE-SU-2023:3041-1
- SUSE-SU-2023:3055-1
- SUSE-SU-2023:3063-1
- SUSE-SU-2023:3075-1
- SUSE-SU-2023:3076-1
- SUSE-SU-2023:3079-1
- SUSE-SU-2023:3081-1
- SUSE-SU-2023:3107-1
- SUSE-SU-2023:3111-1
- SUSE-SU-2023:3115-1
- SUSE-SU-2023:3116-1
- SUSE-SU-2023:3153-1
- SUSE-SU-2023:3302-1
- SUSE-SU-2023:3566-1
- SUSE-SU-2023:3571-1
- SUSE-SU-2023:3576-1
- SUSE-SU-2023:3582-1
- SUSE-SU-2023:3585-1
- SUSE-SU-2023:3592-1
- SUSE-SU-2023:3594-1
- SUSE-SU-2023:3595-1
- SUSE-SU-2023:3596-1
- SUSE-SU-2023:3603-1
- SUSE-SU-2023:3607-1
- SUSE-SU-2023:3612-1
- SUSE-SU-2023:3620-1
- SUSE-SU-2023:3621-1
- SUSE-SU-2023:3623-1
- SUSE-SU-2023:3627-1
- SUSE-SU-2023:3628-1
- SUSE-SU-2023:3629-1
- SUSE-SU-2023:3630-1
- SUSE-SU-2023:3631-1
- SUSE-SU-2023:3644-1
- SUSE-SU-2023:3647-1
- SUSE-SU-2023:3648-1
- SUSE-SU-2023:3657-1
- SUSE-SU-2023:3668-1
- SUSE-SU-2023:3671-1
- SUSE-SU-2023:3675-1
- SUSE-SU-2023:3676-1
- USN-6192-1
- USN-6193-1
- USN-6194-1
- USN-6205-1
- USN-6206-1
- USN-6212-1
- USN-6220-1
- USN-6223-1
- USN-6231-1
- USN-6234-1
- USN-6235-1
- USN-6246-1
- USN-6250-1
- USN-6251-1
- USN-6252-1
- USN-6254-1
- USN-6255-1
- USN-6256-1
- USN-6260-1
- USN-6261-1
- USN-6385-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 2215768 | https://bugzilla.redhat.com/2215768 | |
Bugzilla | 2218672 | https://bugzilla.redhat.com/2218672 | |
RHSA | RHSA-2023:4380 | https://access.redhat.com/errata/RHSA-2023:4380 | |
CVE | CVE-2023-3090 | https://access.redhat.com/security/cve/CVE-2023-3090 | |
CVE | CVE-2023-35788 | https://access.redhat.com/security/cve/CVE-2023-35788 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-284_18_1?arch=x86_64&distro=redhat-9.2 | redhat | kpatch-patch-5_14_0-284_18_1 | < 1-1.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-284_18_1?arch=ppc64le&distro=redhat-9.2 | redhat | kpatch-patch-5_14_0-284_18_1 | < 1-1.el9_2 | redhat-9.2 | ppc64le | |
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-284_11_1?arch=x86_64&distro=redhat-9.2 | redhat | kpatch-patch-5_14_0-284_11_1 | < 1-2.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-284_11_1?arch=ppc64le&distro=redhat-9.2 | redhat | kpatch-patch-5_14_0-284_11_1 | < 1-2.el9_2 | redhat-9.2 | ppc64le | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.2 | redhat | kernel | < 5.14.0-284.11.1.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.2 | redhat | kernel | < 5.14.0-284.18.1.el9_2 | redhat-9.2 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.2 | redhat | kernel | < 5.14.0-284.11.1.el9_2 | redhat-9.2 | ppc64le | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.2 | redhat | kernel | < 5.14.0-284.18.1.el9_2 | redhat-9.2 | ppc64le |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |