Lucene search

K
redhatRedHatRHSA-2022:2188
HistoryMay 11, 2022 - 12:42 p.m.

(RHSA-2022:2188) Important: kernel security update

2022-05-1112:42:55
CWE-416
access.redhat.com
220
kernel
security update
rdma
cve-2021-4028

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: use-after-free in RDMA listen() (CVE-2021-4028)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected configurations

Vulners
Node
redhatkernel-rtRange3.10.0-1160.62.1.rt56.1203.el7
OR
redhatkernelRange3.10.0-1160.62.1.el7
OR
redhatkernelRange3.10.0-514.101.1.el7
OR
redhatkernelRange3.10.0-693.100.1.el7
OR
redhatkernelRange3.10.0-957.94.1.el7
OR
redhatkernelRange3.10.0-1062.66.1.el7
OR
redhatkernel-rtRange4.18.0-348.23.1.rt7.153.el8_5
OR
redhatkernelRange4.18.0-348.23.1.el8_5
OR
redhatkernelRange4.18.0-147.64.1.el8_1
OR
redhatkernel-rtRange4.18.0-193.75.1.rt13.125.el8_2
OR
redhatkernelRange4.18.0-193.75.1.el8_2
OR
redhatkernel-rtRange4.18.0-305.40.1.rt7.112.el8_4
OR
redhatkernelRange4.18.0-305.40.1.el8_4
OR
redhatvirtualization_hostRange4.3.22-20220330.1.el7_9
OR
redhatvirtualization_hostRange4.5.0-202205291010_8.6
AND
redhatenterprise_linuxMatch7
OR
redhatenterprise_linuxMatchnfv
OR
redhatenterprise_linuxMatch8
OR
redhatenterprise_linuxMatchhypervisor
VendorProductVersionCPE
redhatkernel-rt*cpe:2.3:o:redhat:kernel-rt:*:*:*:*:*:*:*:*
redhatkernel*cpe:2.3:a:redhat:kernel:*:*:*:*:*:*:*:*
redhatvirtualization_host*cpe:2.3:a:redhat:virtualization_host:*:*:*:*:*:*:*:*
redhatenterprise_linux7cpe:2.3:o:redhat:enterprise_linux:7:*:*:*:*:*:*:*
redhatenterprise_linuxnfvcpe:2.3:o:redhat:enterprise_linux:nfv:*:*:*:*:*:*:*
redhatenterprise_linux8cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*
redhatenterprise_linuxhypervisorcpe:2.3:o:redhat:enterprise_linux:hypervisor:*:*:*:*:*:*:*

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%