RHSA-2022:1975

Description

Red Hat Security Advisory: kernel-rt security and bug fix update

CVSS Metrics

• v3.1•HIGH•Score: 8.2CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected Systems

• redhat•kernel-rt

  < 0:4.18.0-372.9.1.rt7.166.el8 | < 0:4.18.0-372.9.1.rt7.166.el8

• redhat•kernel-rt-core

  < 0:4.18.0-372.9.1.rt7.166.el8 | < 0:4.18.0-372.9.1.rt7.166.el8

• redhat•kernel-rt-debug

  < 0:4.18.0-372.9.1.rt7.166.el8 | < 0:4.18.0-372.9.1.rt7.166.el8

• redhat•kernel-rt-debug-core

  < 0:4.18.0-372.9.1.rt7.166.el8 | < 0:4.18.0-372.9.1.rt7.166.el8

• redhat•kernel-rt-debug-debuginfo

  < 0:4.18.0-372.9.1.rt7.166.el8 | < 0:4.18.0-372.9.1.rt7.166.el8

• redhat•kernel-rt-debug-devel

  < 0:4.18.0-372.9.1.rt7.166.el8 | < 0:4.18.0-372.9.1.rt7.166.el8

• redhat•kernel-rt-debug-kvm

  < 0:4.18.0-372.9.1.rt7.166.el8 | < 0:4.18.0-372.9.1.rt7.166.el8

• redhat•kernel-rt-debug-modules

  < 0:4.18.0-372.9.1.rt7.166.el8 | < 0:4.18.0-372.9.1.rt7.166.el8

• redhat•kernel-rt-debug-modules-extra

  < 0:4.18.0-372.9.1.rt7.166.el8 | < 0:4.18.0-372.9.1.rt7.166.el8

• redhat•kernel-rt-debuginfo

  < 0:4.18.0-372.9.1.rt7.166.el8 | < 0:4.18.0-372.9.1.rt7.166.el8

• redhat•kernel-rt-debuginfo-common-x86_64

  < 0:4.18.0-372.9.1.rt7.166.el8 | < 0:4.18.0-372.9.1.rt7.166.el8

• redhat•kernel-rt-devel

  < 0:4.18.0-372.9.1.rt7.166.el8 | < 0:4.18.0-372.9.1.rt7.166.el8

• redhat•kernel-rt-kvm

  < 0:4.18.0-372.9.1.rt7.166.el8 | < 0:4.18.0-372.9.1.rt7.166.el8

• redhat•kernel-rt-modules

  < 0:4.18.0-372.9.1.rt7.166.el8 | < 0:4.18.0-372.9.1.rt7.166.el8

• redhat•kernel-rt-modules-extra

  < 0:4.18.0-372.9.1.rt7.166.el8 | < 0:4.18.0-372.9.1.rt7.166.el8

References (253)

• https://access.redhat.com/errata/RHSA-2022:1975
• https://access.redhat.com/security/updates/classification/#important
• https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/
• https://bugzilla.redhat.com/show_bug.cgi?id=1901726
• https://bugzilla.redhat.com/show_bug.cgi?id=1903578
• https://bugzilla.redhat.com/show_bug.cgi?id=1905749
• https://bugzilla.redhat.com/show_bug.cgi?id=1919791
• https://bugzilla.redhat.com/show_bug.cgi?id=1946684
• https://bugzilla.redhat.com/show_bug.cgi?id=1951739
• https://bugzilla.redhat.com/show_bug.cgi?id=1974079
• https://bugzilla.redhat.com/show_bug.cgi?id=1985353
• https://bugzilla.redhat.com/show_bug.cgi?id=1986473
• https://bugzilla.redhat.com/show_bug.cgi?id=1997467
• https://bugzilla.redhat.com/show_bug.cgi?id=1997961
• https://bugzilla.redhat.com/show_bug.cgi?id=1999544
• https://bugzilla.redhat.com/show_bug.cgi?id=1999675
• https://bugzilla.redhat.com/show_bug.cgi?id=2000627
• https://bugzilla.redhat.com/show_bug.cgi?id=2000694
• https://bugzilla.redhat.com/show_bug.cgi?id=2004949
• https://bugzilla.redhat.com/show_bug.cgi?id=2010463
• https://bugzilla.redhat.com/show_bug.cgi?id=2013180
• https://bugzilla.redhat.com/show_bug.cgi?id=2014230
• https://bugzilla.redhat.com/show_bug.cgi?id=2016169
• https://bugzilla.redhat.com/show_bug.cgi?id=2018205
• https://bugzilla.redhat.com/show_bug.cgi?id=2025003
• https://bugzilla.redhat.com/show_bug.cgi?id=2025726
• https://bugzilla.redhat.com/show_bug.cgi?id=2027239
• https://bugzilla.redhat.com/show_bug.cgi?id=2029923
• https://bugzilla.redhat.com/show_bug.cgi?id=2030747
• https://bugzilla.redhat.com/show_bug.cgi?id=2034342
• https://bugzilla.redhat.com/show_bug.cgi?id=2035652
• https://bugzilla.redhat.com/show_bug.cgi?id=2036934
• https://bugzilla.redhat.com/show_bug.cgi?id=2037019
• https://bugzilla.redhat.com/show_bug.cgi?id=2039911
• https://bugzilla.redhat.com/show_bug.cgi?id=2039914
• https://bugzilla.redhat.com/show_bug.cgi?id=2042822
• https://bugzilla.redhat.com/show_bug.cgi?id=2061700
• https://bugzilla.redhat.com/show_bug.cgi?id=2061712
• https://bugzilla.redhat.com/show_bug.cgi?id=2061721
• https://bugzilla.redhat.com/show_bug.cgi?id=2064855
• https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1975.json
• https://access.redhat.com/security/cve/CVE-2020-0404
• https://www.cve.org/CVERecord?id=CVE-2020-0404
• https://nvd.nist.gov/vuln/detail/CVE-2020-0404
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=68035c80e129c4cfec659aac4180354530b26527
• https://access.redhat.com/security/cve/CVE-2020-13974
• https://www.cve.org/CVERecord?id=CVE-2020-13974
• https://nvd.nist.gov/vuln/detail/CVE-2020-13974
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b86dab054059b970111b5516ae548efaae5b3aae
• https://access.redhat.com/security/cve/CVE-2020-27820
• https://www.cve.org/CVERecord?id=CVE-2020-27820
• https://nvd.nist.gov/vuln/detail/CVE-2020-27820
• https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com/
• https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline@redhat.com/
• https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline@redhat.com/
• https://access.redhat.com/security/cve/CVE-2021-0941
• https://www.cve.org/CVERecord?id=CVE-2021-0941
• https://nvd.nist.gov/vuln/detail/CVE-2021-0941
• https://android.googlesource.com/kernel/common/+/6306c1189e77a513bf02720450bb43bd4ba5d8ae%5E%21/#F0
• https://access.redhat.com/security/cve/CVE-2021-3612
• https://www.cve.org/CVERecord?id=CVE-2021-3612
• https://nvd.nist.gov/vuln/detail/CVE-2021-3612
• https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/
• https://access.redhat.com/security/cve/CVE-2021-3669
• https://www.cve.org/CVERecord?id=CVE-2021-3669
• https://nvd.nist.gov/vuln/detail/CVE-2021-3669
• https://access.redhat.com/security/cve/CVE-2021-3743
• https://www.cve.org/CVERecord?id=CVE-2021-3743
• https://nvd.nist.gov/vuln/detail/CVE-2021-3743
• https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb
• https://lists.openwall.net/netdev/2021/08/17/124
• https://access.redhat.com/security/cve/CVE-2021-3744
• https://www.cve.org/CVERecord?id=CVE-2021-3744
• https://nvd.nist.gov/vuln/detail/CVE-2021-3744
• https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0
• https://access.redhat.com/security/cve/CVE-2021-3752
• https://www.cve.org/CVERecord?id=CVE-2021-3752
• https://nvd.nist.gov/vuln/detail/CVE-2021-3752
• https://lore.kernel.org/lkml/20211115165435.133245729@linuxfoundation.org/
• https://www.openwall.com/lists/oss-security/2021/09/15/4
• https://access.redhat.com/security/cve/CVE-2021-3759
• https://www.cve.org/CVERecord?id=CVE-2021-3759
• https://nvd.nist.gov/vuln/detail/CVE-2021-3759
• https://lore.kernel.org/linux-mm/1626333284-1404-1-git-send-email-nglaive@gmail.com/
• https://access.redhat.com/security/cve/CVE-2021-3764
• https://www.cve.org/CVERecord?id=CVE-2021-3764
• https://nvd.nist.gov/vuln/detail/CVE-2021-3764
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=36cf515b9bbe
• https://access.redhat.com/security/cve/CVE-2021-3772
• https://www.cve.org/CVERecord?id=CVE-2021-3772
• https://nvd.nist.gov/vuln/detail/CVE-2021-3772
• https://access.redhat.com/security/cve/CVE-2021-3773
• https://www.cve.org/CVERecord?id=CVE-2021-3773
• https://nvd.nist.gov/vuln/detail/CVE-2021-3773
• https://access.redhat.com/security/cve/CVE-2021-3923
• https://bugzilla.redhat.com/show_bug.cgi?id=2019643
• https://www.cve.org/CVERecord?id=CVE-2021-3923
• https://nvd.nist.gov/vuln/detail/CVE-2021-3923
• https://access.redhat.com/security/cve/CVE-2021-4002
• https://www.cve.org/CVERecord?id=CVE-2021-4002
• https://nvd.nist.gov/vuln/detail/CVE-2021-4002
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890
• https://www.openwall.com/lists/oss-security/2021/11/25/1
• https://access.redhat.com/security/cve/CVE-2021-4037
• https://www.cve.org/CVERecord?id=CVE-2021-4037
• https://nvd.nist.gov/vuln/detail/CVE-2021-4037
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01ea173e103e
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848
• https://access.redhat.com/security/cve/CVE-2021-4083
• https://www.cve.org/CVERecord?id=CVE-2021-4083
• https://nvd.nist.gov/vuln/detail/CVE-2021-4083
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9
• https://access.redhat.com/security/cve/CVE-2021-4093
• https://bugzilla.redhat.com/show_bug.cgi?id=2028584
• https://www.cve.org/CVERecord?id=CVE-2021-4093
• https://nvd.nist.gov/vuln/detail/CVE-2021-4093
• https://bugs.chromium.org/p/project-zero/issues/detail?id=2222
• https://access.redhat.com/security/cve/CVE-2021-4157
• https://www.cve.org/CVERecord?id=CVE-2021-4157
• https://nvd.nist.gov/vuln/detail/CVE-2021-4157
• https://lore.kernel.org/lkml/20210517140244.822185482@linuxfoundation.org/
• https://access.redhat.com/security/cve/CVE-2021-4197
• https://www.cve.org/CVERecord?id=CVE-2021-4197
• https://nvd.nist.gov/vuln/detail/CVE-2021-4197
• https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/
• https://access.redhat.com/security/cve/CVE-2021-4203
• https://www.cve.org/CVERecord?id=CVE-2021-4203
• https://nvd.nist.gov/vuln/detail/CVE-2021-4203
• https://bugs.chromium.org/p/project-zero/issues/detail?id=2230&can=7&q=modified-after%3Atoday-30&sort=-modified&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve&cells=tiles&redir=1
• https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814
• https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet@gmail.com/T/
• https://access.redhat.com/security/cve/CVE-2021-20322
• https://www.cve.org/CVERecord?id=CVE-2021-20322
• https://nvd.nist.gov/vuln/detail/CVE-2021-20322
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6&id=4785305c05b25a242e5314cc821f54ade4c18810
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6&id=6457378fe796815c973f631a1904e147d6ee33b1
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6&id=67d6d681e15b578c1725bad8ad079e05d1c48a8e
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6&id=a00df2caffed3883c341d5685f830434312e4a43
• https://access.redhat.com/security/cve/CVE-2021-26401
• https://www.cve.org/CVERecord?id=CVE-2021-26401
• https://nvd.nist.gov/vuln/detail/CVE-2021-26401
• https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1036
• https://access.redhat.com/security/cve/CVE-2021-29154
• https://www.cve.org/CVERecord?id=CVE-2021-29154
• https://nvd.nist.gov/vuln/detail/CVE-2021-29154
• https://access.redhat.com/security/cve/CVE-2021-37159
• https://www.cve.org/CVERecord?id=CVE-2021-37159
• https://nvd.nist.gov/vuln/detail/CVE-2021-37159
• https://www.spinics.net/lists/linux-usb/msg202228.html
• https://access.redhat.com/security/cve/CVE-2021-41864
• https://www.cve.org/CVERecord?id=CVE-2021-41864
• https://nvd.nist.gov/vuln/detail/CVE-2021-41864
• https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a
• https://access.redhat.com/security/cve/CVE-2021-42739
• https://www.cve.org/CVERecord?id=CVE-2021-42739
• https://nvd.nist.gov/vuln/detail/CVE-2021-42739
• https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ@mwanda/
• https://access.redhat.com/security/cve/CVE-2021-43389
• https://www.cve.org/CVERecord?id=CVE-2021-43389
• https://nvd.nist.gov/vuln/detail/CVE-2021-43389
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d
• https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/
• https://access.redhat.com/security/cve/CVE-2021-43976
• https://www.cve.org/CVERecord?id=CVE-2021-43976
• https://nvd.nist.gov/vuln/detail/CVE-2021-43976
• https://patchwork.kernel.org/project/linux-wireless/patch/YX4CqjfRcTa6bVL+@Zekuns-MBP-16.fios-router.home/
• https://access.redhat.com/security/cve/CVE-2021-44733
• https://www.cve.org/CVERecord?id=CVE-2021-44733
• https://nvd.nist.gov/vuln/detail/CVE-2021-44733
• https://lore.kernel.org/lkml/20211214123540.1789434-1-jens.wiklander@linaro.org/
• https://access.redhat.com/security/cve/CVE-2021-45485
• https://www.cve.org/CVERecord?id=CVE-2021-45485
• https://nvd.nist.gov/vuln/detail/CVE-2021-45485
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99
• https://lore.kernel.org/all/20210529110746.6796-1-w@1wt.eu/
• https://access.redhat.com/security/cve/CVE-2021-45486
• https://www.cve.org/CVERecord?id=CVE-2021-45486
• https://nvd.nist.gov/vuln/detail/CVE-2021-45486
• https://arxiv.org/pdf/2112.09604.pdf
• https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba
• https://access.redhat.com/security/cve/CVE-2021-47435
• https://bugzilla.redhat.com/show_bug.cgi?id=2282879
• https://www.cve.org/CVERecord?id=CVE-2021-47435
• https://nvd.nist.gov/vuln/detail/CVE-2021-47435
• https://access.redhat.com/security/cve/CVE-2021-47544
• https://bugzilla.redhat.com/show_bug.cgi?id=2283406
• https://www.cve.org/CVERecord?id=CVE-2021-47544
• https://nvd.nist.gov/vuln/detail/CVE-2021-47544
• https://lore.kernel.org/linux-cve-announce/2024052440-CVE-2021-47544-ceb5@gregkh/T
• https://access.redhat.com/security/cve/CVE-2021-47556
• https://bugzilla.redhat.com/show_bug.cgi?id=2283393
• https://www.cve.org/CVERecord?id=CVE-2021-47556
• https://nvd.nist.gov/vuln/detail/CVE-2021-47556
• https://lore.kernel.org/linux-cve-announce/2024052443-CVE-2021-47556-558e@gregkh/T
• https://access.redhat.com/security/cve/CVE-2021-47590
• https://bugzilla.redhat.com/show_bug.cgi?id=2293237
• https://www.cve.org/CVERecord?id=CVE-2021-47590
• https://nvd.nist.gov/vuln/detail/CVE-2021-47590
• https://lore.kernel.org/linux-cve-announce/2024061919-CVE-2021-47590-6db0@gregkh/T
• https://access.redhat.com/security/cve/CVE-2021-47614
• https://bugzilla.redhat.com/show_bug.cgi?id=2293265
• https://www.cve.org/CVERecord?id=CVE-2021-47614
• https://nvd.nist.gov/vuln/detail/CVE-2021-47614
• https://lore.kernel.org/linux-cve-announce/2024061908-CVE-2021-47614-6dd2@gregkh/T
• https://access.redhat.com/security/cve/CVE-2022-0001
• https://www.cve.org/CVERecord?id=CVE-2022-0001
• https://nvd.nist.gov/vuln/detail/CVE-2022-0001
• https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html
• https://www.vusec.net/projects/bhi-spectre-bhb/
• https://access.redhat.com/security/cve/CVE-2022-0002
• https://www.cve.org/CVERecord?id=CVE-2022-0002
• https://nvd.nist.gov/vuln/detail/CVE-2022-0002
• https://access.redhat.com/security/cve/CVE-2022-0286
• https://www.cve.org/CVERecord?id=CVE-2022-0286
• https://nvd.nist.gov/vuln/detail/CVE-2022-0286
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40
• https://access.redhat.com/security/cve/CVE-2022-0322
• https://www.cve.org/CVERecord?id=CVE-2022-0322
• https://nvd.nist.gov/vuln/detail/CVE-2022-0322
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c
• https://access.redhat.com/security/cve/CVE-2022-0850
• https://bugzilla.redhat.com/show_bug.cgi?id=2060606
• https://www.cve.org/CVERecord?id=CVE-2022-0850
• https://nvd.nist.gov/vuln/detail/CVE-2022-0850
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe
• https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8
• https://access.redhat.com/security/cve/CVE-2022-1011
• https://www.cve.org/CVERecord?id=CVE-2022-1011
• https://nvd.nist.gov/vuln/detail/CVE-2022-1011
• https://lore.kernel.org/lkml/20220414110839.241541230@linuxfoundation.org/
• https://access.redhat.com/security/cve/CVE-2022-3105
• https://bugzilla.redhat.com/show_bug.cgi?id=2153067
• https://www.cve.org/CVERecord?id=CVE-2022-3105
• https://nvd.nist.gov/vuln/detail/CVE-2022-3105
• https://access.redhat.com/security/cve/CVE-2022-3106
• https://bugzilla.redhat.com/show_bug.cgi?id=2153066
• https://www.cve.org/CVERecord?id=CVE-2022-3106
• https://nvd.nist.gov/vuln/detail/CVE-2022-3106
• https://access.redhat.com/security/cve/CVE-2022-3108
• https://bugzilla.redhat.com/show_bug.cgi?id=2153052
• https://www.cve.org/CVERecord?id=CVE-2022-3108
• https://nvd.nist.gov/vuln/detail/CVE-2022-3108
• https://access.redhat.com/security/cve/CVE-2023-0459
• https://bugzilla.redhat.com/show_bug.cgi?id=2216383
• https://www.cve.org/CVERecord?id=CVE-2023-0459
• https://nvd.nist.gov/vuln/detail/CVE-2023-0459
• https://github.com/torvalds/linux/commit/4b842e4e25b12951fa10dedb4bc16bc47e3b850c
• https://access.redhat.com/security/cve/CVE-2023-3022
• https://bugzilla.redhat.com/show_bug.cgi?id=2211440
• https://www.cve.org/CVERecord?id=CVE-2023-3022
• https://nvd.nist.gov/vuln/detail/CVE-2023-3022