Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2022.5540 kpatch-patch security update 3 November 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: kpatch-patch Publisher: Red Hat Operating System: Red Hat Resolution: Patch/Upgrade CVE Names: CVE-2022-2588 Original Bulletin: https://access.redhat.com/errata/RHSA-2022:7344 Comment: CVSS (Max): 7.8 CVE-2022-2588 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVSS Source: Red Hat Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kpatch-patch security update Advisory ID: RHSA-2022:7344-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:7344 Issue date: 2022-11-02 CVE Names: CVE-2022-2588 ===================================================================== 1. Summary: An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server (v. 7) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation 6. Package List: Red Hat Enterprise Linux Server (v. 7): Source: kpatch-patch-3_10_0-1160_62_1-1-3.el7.src.rpm kpatch-patch-3_10_0-1160_66_1-1-2.el7.src.rpm kpatch-patch-3_10_0-1160_71_1-1-1.el7.src.rpm kpatch-patch-3_10_0-1160_76_1-1-1.el7.src.rpm ppc64le: kpatch-patch-3_10_0-1160_62_1-1-3.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_62_1-debuginfo-1-3.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_66_1-1-2.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_66_1-debuginfo-1-2.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_71_1-1-1.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_71_1-debuginfo-1-1.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_76_1-1-1.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_76_1-debuginfo-1-1.el7.ppc64le.rpm x86_64: kpatch-patch-3_10_0-1160_62_1-1-3.el7.x86_64.rpm kpatch-patch-3_10_0-1160_62_1-debuginfo-1-3.el7.x86_64.rpm kpatch-patch-3_10_0-1160_66_1-1-2.el7.x86_64.rpm kpatch-patch-3_10_0-1160_66_1-debuginfo-1-2.el7.x86_64.rpm kpatch-patch-3_10_0-1160_71_1-1-1.el7.x86_64.rpm kpatch-patch-3_10_0-1160_71_1-debuginfo-1-1.el7.x86_64.rpm kpatch-patch-3_10_0-1160_76_1-1-1.el7.x86_64.rpm kpatch-patch-3_10_0-1160_76_1-debuginfo-1-1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-2588 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY2K9LNzjgjWX9erEAQhsnA//UwMUCdN9W7+utXqcMS6RGN73XG9tWWwq IWdXzGq+LnE+qllL5QeY33PKcAFZSOGLrRT/g1uy2C4K+ib4Y2gJ9Xd4FPfnnmgU wCQMNCy8aPPPnDcomwfiAYNhVdH/RLwQniiYpcd4NcD+8Xrwn4X9QZIitT4o7ihZ oD1DQLlHylRKiyf1R3QtnkJcdDgkMf2Lfs4pldhjqXkVS2TaK583dG9kXX2SAvWC a//aLchmWTL9gECnVEbDE7gSLclR9hNoaMWIKXoHvnathc65nStoeU7YxFB55xrq 9SU1tHNY2NWUsblsOVGbyUdxsE8UoEXnwBVwwUh60us/XHpcbQD3yIAKBAYuxr21 FDAKG3QZ+ucju71h7W2mOL9LWd5aFF8tsp7yHoyc2SFI7bDLRPNZSgRMAqhqPohN 1CIAAUrO2ep+o9/KjQhgOpJS8VZLRLxNFA5xCcQq6g1QWFYXA3waDYxxpDTGLVDz mSwiZtUFec1ReepALgo5B5vxpGSRvWWKiS1jh8cnNynwm+u0veF15f9di+jI1B8J B8giDVmK/jb1Tp/SqpK1NwFVBnL6WJ56VKAKQ8tEfPtmc6PbIAmOFCO60YEX4Mpo i8+sBeSnYiCzoDckA07DAldePiRO6nU6Xph0V16//T1WUMyfTYeQh5HQ1hiDiVHe 6T8/N5WxKa8= =8+4B - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: https://auscert.org.au/gpg-key/ iQIVAwUBY2L658kNZI30y1K9AQiHyBAAo1ks0aST+Z1KdyHdjaqD5v65sjL4xAHQ PocyItEyqrRi516nzwTKym9Pb+WD+TGuBnja3jveIHUdwadwfitZEvZqsF/vwAIc APDZ2rkOYizL4kMD4ZJI1BTjPkpYBG27VPOW3ZETVfEqq57f8gDcL1F1FAOU1JAa kOItmbFhg237Vwh8mCUd5a4llnmNFs9y+rWJoK8T+IgEqLddP6eBZgo3F/csKjOj cGkI52EkJUc9fTuPBn4CztDAim8lpkIuEZ/4htqj0jQhofFuc/hsuNaepENBYXUw vv8fjt9YZiklJxAF2H+vikiHwjTp+bwus5VJuvY32Zb0JlQZExdp4ap0IGewE45W 3T9WGQg3sF9i+1bKys65sorg3dPK+4qLuLEzgmEAFdlCv8IKkEi7mg5iC7VXBVyg T6aqZuIEq4dx4iFlgqmVorFC9rxBH/Hz16FZzp7A8iN2gYkDnbsFtq+6Kt2wMOEY w4Dps6ssvASQhAM8254LJqGeeqmQNqcXgtqeX4jt5NF4kCpabCPm1jSo5PTj1I1D CxNpU75YWilk0dwhgXBYrMdL40zfNb3MR+PbT0tmQHJY/I/LgoT5nOpYOqMkDkzD yiCaVVS6z7mumRtrMq9fU0eGEbwe3c3fJH8j3yAgV6M/GsDZ9VcYZut83PHKrUgo eRu6K0brZks= =nFEK -----END PGP SIGNATURE-----