CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
EPSS
Percentile
57.2%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012)
kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)
kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)
kernel: cgroup: Use open-time creds and namespace for migration perm checks (CVE-2021-4197)
kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203)
kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check (CVE-2020-29368)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
Failed to reboot after crash trigger (BZ#2060747)
conntrack entries linger around after test (BZ#2066357)
Enable nested virtualization (BZ#2079070)
slub corruption during LPM of hnv interface (BZ#2081251)
sleeping function called from invalid context at kernel/locking/spinlock_rt.c:35 (BZ#2082091)
Backport request of “genirq: use rcu in kstat_irqs_usr()” (BZ#2083309)
ethtool -L may cause system to hang (BZ#2083323)
For isolated CPUs (with nohz_full enabled for isolated CPUs) CPU utilization statistics are not getting reflected continuously (BZ#2084139)
Affinity broken due to vector space exhaustion (BZ#2084647)
kernel memory leak while freeing nested actions (BZ#2086597)
sync rhel-8.6 with upstream 5.13 through 5.16 fixes and improvements (BZ#2088037)
Kernel panic possibly when cleaning namespace on pod deletion (BZ#2089539)
Softirq hrtimers are being placed on the per-CPU softirq clocks on isolcpu’s. (BZ#2090485)
fix missed wake-ups in rq_qos_throttle try two (BZ#2092076)
NFS4 client experiencing IO outages while sending duplicate SYNs and erroneous RSTs during connection reestablishment (BZ#2094334)
using __this_cpu_read() in preemptible [00000000] code: kworker/u66:1/937154 (BZ#2095775)
Need some changes in RHEL8.x kernels. (BZ#2096932)
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
EPSS
Percentile
57.2%