[RHSA-2024:0340] kpatch-patch security update
Severity
Important
Affected Packages
8
CVEs
5
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags (CVE-2023-3812)
kernel: net/sched: sch_hfsc UAF (CVE-2023-4623)
kernel: use after free in unix_stream_sendpage (CVE-2023-4622)
kernel: netfilter: potential slab-out-of-bound access due to integer underflow (CVE-2023-42753)
kernel: use after free in nvmet_tcp_free_crypto in NVMe (CVE-2023-5178)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Package | Affected Version |
---|---|
pkg:rpm/redhat/kpatch-patch-5_14_0-362_8_1?arch=x86_64&distro=redhat-9.3 | < 1-2.el9_3 |
pkg:rpm/redhat/kpatch-patch-5_14_0-362_8_1?arch=ppc64le&distro=redhat-9.3 | < 1-2.el9_3 |
pkg:rpm/redhat/kpatch-patch-5_14_0-362_13_1?arch=x86_64&distro=redhat-9.3 | < 1-1.el9_3 |
pkg:rpm/redhat/kpatch-patch-5_14_0-362_13_1?arch=ppc64le&distro=redhat-9.3 | < 1-1.el9_3 |
pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.3 | < 5.14.0-362.8.1.el9_3 |
pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.3 | < 5.14.0-362.13.1.el9_3 |
pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.3 | < 5.14.0-362.8.1.el9_3 |
pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.3 | < 5.14.0-362.13.1.el9_3 |
- ID
- RHSA-2024:0340
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2024:0340
- Published
-
2024-01-23T00:00:00
(7 months ago) - Modified
-
2024-01-23T00:00:00
(7 months ago) - Rights
- Copyright 2024 Red Hat, Inc.
- Other Advisories
-
- ALAS-2023-1838
- ALAS2-2023-2264
- ALSA-2023:7549
- ALSA-2024:0113
- ALSA-2024:0897
- DSA-5492-1
- DSA-5594-1
- ELSA-2023-12824
- ELSA-2023-12825
- ELSA-2023-12826
- ELSA-2023-12858
- ELSA-2023-12874
- ELSA-2023-12875
- ELSA-2023-12910
- ELSA-2023-12911
- ELSA-2023-12914
- ELSA-2023-12915
- ELSA-2023-13039
- ELSA-2023-13043
- ELSA-2023-13044
- ELSA-2023-13048
- ELSA-2023-13049
- ELSA-2023-7549
- ELSA-2024-0346
- ELSA-2024-0461
- ELSA-2024-0897
- ELSA-2024-12069
- ELSA-2024-12094
- ELSA-2024-12149
- ELSA-2024-12187
- ELSA-2024-2004
- MS:CVE-2023-3812
- MS:CVE-2023-4622
- MS:CVE-2023-5178
- RHSA-2023:7548
- RHSA-2023:7549
- RHSA-2023:7554
- RHSA-2024:0089
- RHSA-2024:0113
- RHSA-2024:0134
- RHSA-2024:0346
- RHSA-2024:0347
- RHSA-2024:0371
- RHSA-2024:0876
- RHSA-2024:0881
- RHSA-2024:0897
- RHSA-2024:1960
- RHSA-2024:2003
- RHSA-2024:2004
- RLSA-2023:7549
- SSA:2023-325-01
- SUSE-SU-2023:3171-1
- SUSE-SU-2023:3172-1
- SUSE-SU-2023:3180-1
- SUSE-SU-2023:3182-1
- SUSE-SU-2023:3302-1
- SUSE-SU-2023:3318-1
- SUSE-SU-2023:3390-1
- SUSE-SU-2023:3391-1
- SUSE-SU-2023:3421-1
- SUSE-SU-2023:3601-1
- SUSE-SU-2023:3680-1
- SUSE-SU-2023:3681-1
- SUSE-SU-2023:3705-1
- SUSE-SU-2023:3748-1
- SUSE-SU-2023:3749-1
- SUSE-SU-2023:3768-1
- SUSE-SU-2023:3772-1
- SUSE-SU-2023:3783-1
- SUSE-SU-2023:3786-1
- SUSE-SU-2023:3788-1
- SUSE-SU-2023:3809-1
- SUSE-SU-2023:3811-1
- SUSE-SU-2023:3812-1
- SUSE-SU-2023:3838-1
- SUSE-SU-2023:3844-1
- SUSE-SU-2023:3846-1
- SUSE-SU-2023:3889-1
- SUSE-SU-2023:3892-1
- SUSE-SU-2023:3893-1
- SUSE-SU-2023:3928-1
- SUSE-SU-2023:4028-1
- SUSE-SU-2023:4030-1
- SUSE-SU-2023:4031-1
- SUSE-SU-2023:4032-1
- SUSE-SU-2023:4033-1
- SUSE-SU-2023:4035-1
- SUSE-SU-2023:4057-1
- SUSE-SU-2023:4058-1
- SUSE-SU-2023:4071-1
- SUSE-SU-2023:4072-1
- SUSE-SU-2023:4072-2
- SUSE-SU-2023:4093-1
- SUSE-SU-2023:4095-1
- SUSE-SU-2023:4142-1
- SUSE-SU-2023:4164-1
- SUSE-SU-2023:4165-1
- SUSE-SU-2023:4166-1
- SUSE-SU-2023:4175-1
- SUSE-SU-2023:4201-1
- SUSE-SU-2023:4204-1
- SUSE-SU-2023:4208-1
- SUSE-SU-2023:4219-1
- SUSE-SU-2023:4239-1
- SUSE-SU-2023:4243-1
- SUSE-SU-2023:4244-1
- SUSE-SU-2023:4245-1
- SUSE-SU-2023:4260-1
- SUSE-SU-2023:4261-1
- SUSE-SU-2023:4267-1
- SUSE-SU-2023:4273-1
- SUSE-SU-2023:4278-1
- SUSE-SU-2023:4279-1
- SUSE-SU-2023:4280-1
- SUSE-SU-2023:4285-1
- SUSE-SU-2023:4300-1
- SUSE-SU-2023:4301-1
- SUSE-SU-2023:4308-1
- SUSE-SU-2023:4313-1
- SUSE-SU-2023:4321-1
- SUSE-SU-2023:4322-1
- SUSE-SU-2023:4325-1
- SUSE-SU-2023:4326-1
- SUSE-SU-2023:4328-1
- SUSE-SU-2023:4343-1
- SUSE-SU-2023:4345-1
- SUSE-SU-2023:4347-1
- SUSE-SU-2023:4351-1
- SUSE-SU-2023:4375-1
- SUSE-SU-2023:4378-1
- SUSE-SU-2023:4414-1
- SUSE-SU-2023:4766-1
- SUSE-SU-2023:4775-1
- SUSE-SU-2023:4795-1
- SUSE-SU-2023:4796-1
- SUSE-SU-2023:4799-1
- SUSE-SU-2023:4801-1
- SUSE-SU-2023:4802-1
- SUSE-SU-2023:4805-1
- SUSE-SU-2023:4817-1
- SUSE-SU-2023:4820-1
- SUSE-SU-2023:4822-1
- SUSE-SU-2023:4831-1
- SUSE-SU-2023:4833-1
- SUSE-SU-2023:4836-1
- SUSE-SU-2023:4841-1
- SUSE-SU-2023:4847-1
- SUSE-SU-2023:4848-1
- SUSE-SU-2023:4849-1
- SUSE-SU-2023:4862-1
- SUSE-SU-2023:4863-1
- SUSE-SU-2023:4866-1
- SUSE-SU-2023:4871-1
- SUSE-SU-2023:4872-1
- SUSE-SU-2024:0331-1
- SUSE-SU-2024:0348-1
- SUSE-SU-2024:0352-1
- SUSE-SU-2024:0378-1
- SUSE-SU-2024:0395-1
- SUSE-SU-2024:0414-1
- SUSE-SU-2024:0421-1
- SUSE-SU-2024:1181-1
- SUSE-SU-2024:1183-1
- SUSE-SU-2024:1236-1
- SUSE-SU-2024:1246-1
- SUSE-SU-2024:1249-1
- SUSE-SU-2024:1251-1
- SUSE-SU-2024:1252-1
- SUSE-SU-2024:1257-1
- SUSE-SU-2024:1288-1
- SUSE-SU-2024:1299-1
- SUSE-SU-2024:1312-1
- USN-6415-1
- USN-6439-1
- USN-6439-2
- USN-6440-1
- USN-6440-2
- USN-6440-3
- USN-6441-1
- USN-6441-2
- USN-6441-3
- USN-6442-1
- USN-6444-1
- USN-6444-2
- USN-6445-1
- USN-6445-2
- USN-6446-1
- USN-6446-2
- USN-6446-3
- USN-6460-1
- USN-6466-1
- USN-6497-1
- USN-6534-1
- USN-6534-2
- USN-6534-3
- USN-6536-1
- USN-6537-1
- USN-6548-1
- USN-6548-2
- USN-6548-3
- USN-6548-4
- USN-6548-5
- USN-6549-1
- USN-6549-2
- USN-6549-3
- USN-6549-4
- USN-6549-5
- USN-6573-1
- USN-6635-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 2224048 | https://bugzilla.redhat.com/2224048 | |
Bugzilla | 2237757 | https://bugzilla.redhat.com/2237757 | |
Bugzilla | 2237760 | https://bugzilla.redhat.com/2237760 | |
Bugzilla | 2239843 | https://bugzilla.redhat.com/2239843 | |
Bugzilla | 2241924 | https://bugzilla.redhat.com/2241924 | |
RHSA | RHSA-2024:0340 | https://access.redhat.com/errata/RHSA-2024:0340 | |
CVE | CVE-2023-3812 | https://access.redhat.com/security/cve/CVE-2023-3812 | |
CVE | CVE-2023-42753 | https://access.redhat.com/security/cve/CVE-2023-42753 | |
CVE | CVE-2023-4622 | https://access.redhat.com/security/cve/CVE-2023-4622 | |
CVE | CVE-2023-4623 | https://access.redhat.com/security/cve/CVE-2023-4623 | |
CVE | CVE-2023-5178 | https://access.redhat.com/security/cve/CVE-2023-5178 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-362_8_1?arch=x86_64&distro=redhat-9.3 | redhat | kpatch-patch-5_14_0-362_8_1 | < 1-2.el9_3 | redhat-9.3 | x86_64 | |
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-362_8_1?arch=ppc64le&distro=redhat-9.3 | redhat | kpatch-patch-5_14_0-362_8_1 | < 1-2.el9_3 | redhat-9.3 | ppc64le | |
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-362_13_1?arch=x86_64&distro=redhat-9.3 | redhat | kpatch-patch-5_14_0-362_13_1 | < 1-1.el9_3 | redhat-9.3 | x86_64 | |
Affected | pkg:rpm/redhat/kpatch-patch-5_14_0-362_13_1?arch=ppc64le&distro=redhat-9.3 | redhat | kpatch-patch-5_14_0-362_13_1 | < 1-1.el9_3 | redhat-9.3 | ppc64le | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.3 | redhat | kernel | < 5.14.0-362.8.1.el9_3 | redhat-9.3 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-9.3 | redhat | kernel | < 5.14.0-362.13.1.el9_3 | redhat-9.3 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.3 | redhat | kernel | < 5.14.0-362.8.1.el9_3 | redhat-9.3 | ppc64le | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-9.3 | redhat | kernel | < 5.14.0-362.13.1.el9_3 | redhat-9.3 | ppc64le |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |