RHSA-2022:5626

Description

Red Hat Security Advisory: kernel security and bug fix update

CVSS Metrics

• v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•bpftool

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•bpftool-debuginfo

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-abi-stablelists

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-core

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-debug

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-debug-core

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-debug-debuginfo

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-debug-devel

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-debug-modules

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-debug-modules-extra

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-debuginfo

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-debuginfo-common-aarch64

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-debuginfo-common-ppc64le

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-debuginfo-common-s390x

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-debuginfo-common-x86_64

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-devel

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-doc

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-modules

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-modules-extra

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-tools

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-tools-debuginfo

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-tools-libs

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-tools-libs-devel

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-zfcpdump

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-zfcpdump-core

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-zfcpdump-debuginfo

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-zfcpdump-devel

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-zfcpdump-modules

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•kernel-zfcpdump-modules-extra

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•perf

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•perf-debuginfo

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•python3-perf

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

• redhat•python3-perf-debuginfo

  < 0:4.18.0-305.57.1.el8_4 | < 0:4.18.0-305.57.1.el8_4

References (46)

• https://access.redhat.com/errata/RHSA-2022:5626
• https://access.redhat.com/security/updates/classification/#important
• https://bugzilla.redhat.com/show_bug.cgi?id=1903244
• https://bugzilla.redhat.com/show_bug.cgi?id=2035652
• https://bugzilla.redhat.com/show_bug.cgi?id=2036934
• https://bugzilla.redhat.com/show_bug.cgi?id=2064604
• https://bugzilla.redhat.com/show_bug.cgi?id=2086753
• https://bugzilla.redhat.com/show_bug.cgi?id=2092427
• https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5626.json
• https://access.redhat.com/security/cve/CVE-2020-29368
• https://www.cve.org/CVERecord?id=CVE-2020-29368
• https://nvd.nist.gov/vuln/detail/CVE-2020-29368
• https://access.redhat.com/security/cve/CVE-2021-4197
• https://www.cve.org/CVERecord?id=CVE-2021-4197
• https://nvd.nist.gov/vuln/detail/CVE-2021-4197
• https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/
• https://access.redhat.com/security/cve/CVE-2021-4203
• https://www.cve.org/CVERecord?id=CVE-2021-4203
• https://nvd.nist.gov/vuln/detail/CVE-2021-4203
• https://bugs.chromium.org/p/project-zero/issues/detail?id=2230&can=7&q=modified-after%3Atoday-30&sort=-modified&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve&cells=tiles&redir=1
• https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814
• https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet@gmail.com/T/
• https://access.redhat.com/security/cve/CVE-2021-47435
• https://bugzilla.redhat.com/show_bug.cgi?id=2282879
• https://www.cve.org/CVERecord?id=CVE-2021-47435
• https://nvd.nist.gov/vuln/detail/CVE-2021-47435
• https://access.redhat.com/security/cve/CVE-2022-1012
• https://www.cve.org/CVERecord?id=CVE-2022-1012
• https://nvd.nist.gov/vuln/detail/CVE-2022-1012
• https://arxiv.org/abs/2209.12993
• https://datatracker.ietf.org/doc/html/rfc6056#section-3.3.4
• https://lore.kernel.org/lkml/20220428124001.7428-1-w@1wt.eu/
• https://lwn.net/Articles/910435/
• https://access.redhat.com/security/cve/CVE-2022-1729
• https://www.cve.org/CVERecord?id=CVE-2022-1729
• https://nvd.nist.gov/vuln/detail/CVE-2022-1729
• https://access.redhat.com/security/cve/CVE-2022-32250
• https://www.cve.org/CVERecord?id=CVE-2022-32250
• https://nvd.nist.gov/vuln/detail/CVE-2022-32250
• https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/net/netfilter?id=520778042ccca019f3ffa136dd0ca565c486cedd
• https://www.openwall.com/lists/oss-security/2022/05/31/1
• https://access.redhat.com/security/cve/CVE-2022-49086
• https://bugzilla.redhat.com/show_bug.cgi?id=2347770
• https://www.cve.org/CVERecord?id=CVE-2022-49086
• https://nvd.nist.gov/vuln/detail/CVE-2022-49086
• https://lore.kernel.org/linux-cve-announce/2025022657-CVE-2022-49086-a289@gregkh/T