Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.5540
kpatch-patch security update
3 November 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kpatch-patch
Publisher: Red Hat
Operating System: Red Hat
Resolution: Patch/Upgrade
CVE Names: CVE-2022-2588
Original Bulletin:
https://access.redhat.com/errata/RHSA-2022:7344
Comment: CVSS (Max): 7.8 CVE-2022-2588 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS Source: Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kpatch-patch security update
Advisory ID: RHSA-2022:7344-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:7344
Issue date: 2022-11-02
CVE Names: CVE-2022-2588
=====================================================================
1. Summary:
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Server (v. 7) - ppc64le, x86_64
3. Description:
This is a kernel live patch module which is automatically loaded by the RPM
post-install script to modify the code of a running kernel.
Security Fix(es):
* a use-after-free in cls_route filter implementation may lead to privilege
escalation (CVE-2022-2588)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
6. Package List:
Red Hat Enterprise Linux Server (v. 7):
Source:
kpatch-patch-3_10_0-1160_62_1-1-3.el7.src.rpm
kpatch-patch-3_10_0-1160_66_1-1-2.el7.src.rpm
kpatch-patch-3_10_0-1160_71_1-1-1.el7.src.rpm
kpatch-patch-3_10_0-1160_76_1-1-1.el7.src.rpm
ppc64le:
kpatch-patch-3_10_0-1160_62_1-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_62_1-debuginfo-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_66_1-1-2.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_66_1-debuginfo-1-2.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_71_1-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_71_1-debuginfo-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_76_1-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_76_1-debuginfo-1-1.el7.ppc64le.rpm
x86_64:
kpatch-patch-3_10_0-1160_62_1-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_62_1-debuginfo-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_66_1-1-2.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_66_1-debuginfo-1-2.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_71_1-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_71_1-debuginfo-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_76_1-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_76_1-debuginfo-1-1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2022-2588
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBY2K9LNzjgjWX9erEAQhsnA//UwMUCdN9W7+utXqcMS6RGN73XG9tWWwq
IWdXzGq+LnE+qllL5QeY33PKcAFZSOGLrRT/g1uy2C4K+ib4Y2gJ9Xd4FPfnnmgU
wCQMNCy8aPPPnDcomwfiAYNhVdH/RLwQniiYpcd4NcD+8Xrwn4X9QZIitT4o7ihZ
oD1DQLlHylRKiyf1R3QtnkJcdDgkMf2Lfs4pldhjqXkVS2TaK583dG9kXX2SAvWC
a//aLchmWTL9gECnVEbDE7gSLclR9hNoaMWIKXoHvnathc65nStoeU7YxFB55xrq
9SU1tHNY2NWUsblsOVGbyUdxsE8UoEXnwBVwwUh60us/XHpcbQD3yIAKBAYuxr21
FDAKG3QZ+ucju71h7W2mOL9LWd5aFF8tsp7yHoyc2SFI7bDLRPNZSgRMAqhqPohN
1CIAAUrO2ep+o9/KjQhgOpJS8VZLRLxNFA5xCcQq6g1QWFYXA3waDYxxpDTGLVDz
mSwiZtUFec1ReepALgo5B5vxpGSRvWWKiS1jh8cnNynwm+u0veF15f9di+jI1B8J
B8giDVmK/jb1Tp/SqpK1NwFVBnL6WJ56VKAKQ8tEfPtmc6PbIAmOFCO60YEX4Mpo
i8+sBeSnYiCzoDckA07DAldePiRO6nU6Xph0V16//T1WUMyfTYeQh5HQ1hiDiVHe
6T8/N5WxKa8=
=8+4B
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
iQIVAwUBY2L658kNZI30y1K9AQiHyBAAo1ks0aST+Z1KdyHdjaqD5v65sjL4xAHQ
PocyItEyqrRi516nzwTKym9Pb+WD+TGuBnja3jveIHUdwadwfitZEvZqsF/vwAIc
APDZ2rkOYizL4kMD4ZJI1BTjPkpYBG27VPOW3ZETVfEqq57f8gDcL1F1FAOU1JAa
kOItmbFhg237Vwh8mCUd5a4llnmNFs9y+rWJoK8T+IgEqLddP6eBZgo3F/csKjOj
cGkI52EkJUc9fTuPBn4CztDAim8lpkIuEZ/4htqj0jQhofFuc/hsuNaepENBYXUw
vv8fjt9YZiklJxAF2H+vikiHwjTp+bwus5VJuvY32Zb0JlQZExdp4ap0IGewE45W
3T9WGQg3sF9i+1bKys65sorg3dPK+4qLuLEzgmEAFdlCv8IKkEi7mg5iC7VXBVyg
T6aqZuIEq4dx4iFlgqmVorFC9rxBH/Hz16FZzp7A8iN2gYkDnbsFtq+6Kt2wMOEY
w4Dps6ssvASQhAM8254LJqGeeqmQNqcXgtqeX4jt5NF4kCpabCPm1jSo5PTj1I1D
CxNpU75YWilk0dwhgXBYrMdL40zfNb3MR+PbT0tmQHJY/I/LgoT5nOpYOqMkDkzD
yiCaVVS6z7mumRtrMq9fU0eGEbwe3c3fJH8j3yAgV6M/GsDZ9VcYZut83PHKrUgo
eRu6K0brZks=
=nFEK
-----END PGP SIGNATURE-----