Red Hat Security Advisory 2022-4721-01 ≈ Packet Storm

Home^[1] Files^[2] News^[3] Contact^[4] Add New^[5]

Change Mirror^[15] Download^[16]

        -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================                   
Red Hat Security Advisory
Synopsis:          Important: kpatch-patch security update
Advisory ID:       RHSA-2022:4721-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4721
Issue date:        2022-05-24
CVE Names:         CVE-2022-0492
====================================================================
1. Summary:
An update is now available for Red Hat Enterprise Linux 7.7 Update Services
for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Server E4S (v. 7.7) - ppc64le, x86_64
3. Description:
This is a kernel live patch module which is automatically loaded by the RPM
post-install script to modify the code of a running kernel.
Security Fix(es):
* kernel: cgroups v1 release_agent feature may allow privilege escalation
(CVE-2022-0492)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
2051505 - CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation
6. Package List:
Red Hat Enterprise Linux Server E4S (v. 7.7):
Source:
kpatch-patch-3_10_0-1062_51_1-1-7.el7.src.rpm
kpatch-patch-3_10_0-1062_52_2-1-6.el7.src.rpm
kpatch-patch-3_10_0-1062_56_1-1-5.el7.src.rpm
kpatch-patch-3_10_0-1062_59_1-1-3.el7.src.rpm
kpatch-patch-3_10_0-1062_60_1-1-3.el7.src.rpm
kpatch-patch-3_10_0-1062_61_1-1-3.el7.src.rpm
kpatch-patch-3_10_0-1062_63_1-1-2.el7.src.rpm
kpatch-patch-3_10_0-1062_66_1-1-1.el7.src.rpm
ppc64le:
kpatch-patch-3_10_0-1062_51_1-1-7.el7.ppc64le.rpm
kpatch-patch-3_10_0-1062_51_1-debuginfo-1-7.el7.ppc64le.rpm
kpatch-patch-3_10_0-1062_52_2-1-6.el7.ppc64le.rpm
kpatch-patch-3_10_0-1062_52_2-debuginfo-1-6.el7.ppc64le.rpm
kpatch-patch-3_10_0-1062_56_1-1-5.el7.ppc64le.rpm
kpatch-patch-3_10_0-1062_56_1-debuginfo-1-5.el7.ppc64le.rpm
kpatch-patch-3_10_0-1062_59_1-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-1062_59_1-debuginfo-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-1062_60_1-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-1062_60_1-debuginfo-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-1062_61_1-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-1062_61_1-debuginfo-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-1062_63_1-1-2.el7.ppc64le.rpm
kpatch-patch-3_10_0-1062_63_1-debuginfo-1-2.el7.ppc64le.rpm
kpatch-patch-3_10_0-1062_66_1-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1062_66_1-debuginfo-1-1.el7.ppc64le.rpm
x86_64:
kpatch-patch-3_10_0-1062_51_1-1-7.el7.x86_64.rpm
kpatch-patch-3_10_0-1062_51_1-debuginfo-1-7.el7.x86_64.rpm
kpatch-patch-3_10_0-1062_52_2-1-6.el7.x86_64.rpm
kpatch-patch-3_10_0-1062_52_2-debuginfo-1-6.el7.x86_64.rpm
kpatch-patch-3_10_0-1062_56_1-1-5.el7.x86_64.rpm
kpatch-patch-3_10_0-1062_56_1-debuginfo-1-5.el7.x86_64.rpm
kpatch-patch-3_10_0-1062_59_1-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-1062_59_1-debuginfo-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-1062_60_1-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-1062_60_1-debuginfo-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-1062_61_1-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-1062_61_1-debuginfo-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-1062_63_1-1-2.el7.x86_64.rpm
kpatch-patch-3_10_0-1062_63_1-debuginfo-1-2.el7.x86_64.rpm
kpatch-patch-3_10_0-1062_66_1-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1062_66_1-debuginfo-1-1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2022-0492
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser.>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYozwkNzjgjWX9erEAQh2mQ//S31yaKMnRIUqLn+Hqq1uV6W4X9M3pEZ+
OVXyoamJU60LYzdGvDFX+owmC7dOiHPO2E2rd1XnvPwTIUmx36lMLi0zgBCxRvTW
cvgxD8EuX0FGeKJRHEjzpOoBGdIgbT1+eQz+3HeINRklZuIwSerKoMbWmQswzEaR
eMG4/FkAnk3jpM2dYghNHDCLAef9i9QziRbqu1OhxJjJXD+ugnQWquX0bJcaCTdI
goRXAebg3p6U7BJsqQNTk0AVZmqP6XcvtTs2lCT8ZryrpyR8S9cjTVdofwWZdwnx
kYRk5+r+d7+QR5sfs+AI17Cy++u4qkOOgIlIPETMcsqvJ4m/wP6mi90FwG+N2Kw4
ualW7UGV1bb4a+ojQ03OExchBVRah0YVL85kqL1UGSYkqolGsLxWdWN6Ypc5/SoN
RpgzrOrzmCHcG+uLgl19Qdcb0qSRuQlRIb/YgD06i2bUEzOXMBprS0tDEx11IGWj
EPYT5S7BPHwH+rLz+l+VH1p99KehR1uPQ1emiKX5OcngMAYBSWMfBZW+ckfIxv0T
ja7cVfIx+O8VQXlPYnD13o4nTJ0TwCbAtMtcF0jHkWzDDnHBdQeH/FDVGl5oT+/h
QQ6rn26n8veBbIQTEJB/2fy9OiTYA0MLSv2GuSMwq49VYBkaWRJ06OENnwSmoOt9
LtKqFtgLmSA=pZbG
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser.
https://listman.redhat.com/mailman/listinfo/rhsa-announce

• Follow us on Twitter^[19]
• Subscribe to an RSS Feed^[20]

File Tags

• ActiveX^[21] (932)
• Advisory^[22] (77,429)
• Arbitrary^[23] (15,093)
• BBS^[24] (2,859)
• Bypass^[25] (1,562)
• CGI^[26] (1,011)
• Code Execution^[27] (6,654)
• Conference^[28] (668)
• Cracker^[29] (797)
• CSRF^[30] (3,270)
• DoS^[31] (21,803)
• Encryption^[32] (2,330)
• Exploit^[33] (49,768)
• File Inclusion^[34] (4,146)
• File Upload^[35] (942)
• Firewall^[36] (821)
• Info Disclosure^[37] (2,546)
• Intrusion Detection^[38] (851)
• Java^[39] (2,781)
• JavaScript^[40] (794)
• Kernel^[41] (6,017)
• Local^[42] (13,991)
• Magazine^[43] (586)
• Overflow^[44] (12,140)
• Perl^[45] (1,410)
• PHP^[46] (5,039)
• Proof of Concept^[47] (2,278)
• Protocol^[48] (3,300)
• Python^[49] (1,394)
• Remote^[50] (29,644)
• Root^[51] (3,445)
• Ruby^[52] (574)
• Scanner^[53] (1,630)
• Security Tool^[54] (7,682)
• Shell^[55] (3,059)
• Shellcode^[56] (1,202)
• Sniffer^[57] (880)
• Spoof^[58] (2,082)
• SQL Injection^[59] (15,999)
• TCP^[60] (2,352)
• Trojan^[61] (672)
• UDP^[62] (866)
• Virus^[63] (659)
• Vulnerability^[64] (30,412)
• Web^[65] (8,997)
• Whitepaper^[66] (3,712)
• x86^[67] (942)
• XSS^[68] (17,304)
• Other^[69]

File Archives

• May 2022^[70]
• April 2022^[71]
• March 2022^[72]
• February 2022^[73]
• January 2022^[74]
• December 2021^[75]
• November 2021^[76]
• October 2021^[77]
• September 2021^[78]
• August 2021^[79]
• July 2021^[80]
• June 2021^[81]
• Older^[82]

Systems

• AIX^[83] (426)
• Apple^[84] (1,883)
• BSD^[85] (368)
• CentOS^[86] (55)
• Cisco^[87] (1,912)
• Debian^[88] (5,948)
• Fedora^[89] (1,690)
• FreeBSD^[90] (1,241)
• Gentoo^[91] (4,152)
• HPUX^[92] (878)
• iOS^[93] (318)
• iPhone^[94] (108)
• IRIX^[95] (220)
• Juniper^[96] (67)
• Linux^[97] (42,118)
• Mac OS X^[98] (683)
• Mandriva^[99] (3,105)
• NetBSD^[100] (255)
• OpenBSD^[101] (478)
• RedHat^[102] (11,501)
• Slackware^[103] (941)
• Solaris^[104] (1,607)
• SUSE^[105] (1,444)
• Ubuntu^[106] (7,796)
• UNIX^[107] (9,062)
• UnixWare^[108] (185)
• Windows^[109] (6,406)
• Other^[110]

© 2022 Packet Storm. All rights reserved.

Read more https://packetstormsecurity.com/files/167256/RHSA-2022-4721-01.txt