Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2022:5633
HistoryJul 19, 2022 - 2:39 p.m.

(RHSA-2022:5633) Important: kernel-rt security and bug fix update

2022-07-1914:39:39
access.redhat.com
40
real time linux kernel
information leak
privilege escalation
netfilter subsystem
cgroup
race condition
bug fix
rhel-8.4.z10.

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

EPSS

0.002

Percentile

53.0%

JSON

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012)

  • kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)

  • kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)

  • kernel: cgroup: Use open-time creds and namespace for migration perm checks (CVE-2021-4197)

  • kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses (CVE-2021-4203)

  • kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check (CVE-2020-29368)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • kernel-rt: update RT source tree to the RHEL-8.4.z10 source tree (BZ#2087922)
OSVersionArchitecturePackageVersionFilename
RedHat8x86_64kernel-rt-debug-core< 4.18.0-305.57.1.rt7.129.el8_4kernel-rt-debug-core-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-debug-modules-extra< 4.18.0-305.57.1.rt7.129.el8_4kernel-rt-debug-modules-extra-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-debug< 4.18.0-305.57.1.rt7.129.el8_4kernel-rt-debug-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-debug-kvm< 4.18.0-305.57.1.rt7.129.el8_4kernel-rt-debug-kvm-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt< 4.18.0-305.57.1.rt7.129.el8_4kernel-rt-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-core< 4.18.0-305.57.1.rt7.129.el8_4kernel-rt-core-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-modules< 4.18.0-305.57.1.rt7.129.el8_4kernel-rt-modules-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-debuginfo< 4.18.0-305.57.1.rt7.129.el8_4kernel-rt-debuginfo-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-debug-modules< 4.18.0-305.57.1.rt7.129.el8_4kernel-rt-debug-modules-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm
RedHat8x86_64kernel-rt-devel< 4.18.0-305.57.1.rt7.129.el8_4kernel-rt-devel-4.18.0-305.57.1.rt7.129.el8_4.x86_64.rpm
Rows per page:
1-10 of 151

Related

nessus 49
redhat 28
osv 13
almalinux 6
rocky 4
oraclelinux 7
centos 1
cvelist 6
cbl_mariner 8
prion 6
nvd 6
redhatcve 6
ubuntucve 5
veracode 5
debiancve 6
cve 6
f5 2
zdi 1
redos 1
ibm 4
githubexploit 3
fedora 11
cnvd 3
openvas 12
nessus
nessus
RHEL 8 : kernel (RHSA-2022:5626)
2022-07-20 00:00:00
RHEL 8 : kernel-rt (RHSA-2022:5633)
2022-07-20 00:00:00
RHEL 8 : kernel (RHSA-2022:5636)
2022-07-20 00:00:00
redhat
redhat
(RHSA-2022:5626) Important: kernel security and bug fix update
2022-07-19 14:39:33
(RHSA-2022:5636) Important: kernel security and bug fix update
2022-07-19 14:44:22
(RHSA-2022:6053) Moderate: OpenShift Container Platform 4.7.56 security and bug fix update
2022-08-22 21:04:05
osv
osv
Important: kernel security and bug fix update
2022-08-02 07:00:14
Important: kernel security and bug fix update
2022-08-03 00:00:00
Important: kernel-rt security and bug fix update
2022-08-02 00:00:00
almalinux
almalinux
Important: kernel security and bug fix update
2022-08-03 00:00:00
Important: kernel-rt security and bug fix update
2022-08-02 00:00:00
Important: kernel security and bug fix update
2022-07-01 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2022-08-02 07:11:05
kernel security and bug fix update
2022-08-02 07:00:14
kernel security, bug fix, and enhancement update
2022-07-13 06:31:31
oraclelinux
oraclelinux
kernel security and bug fix update
2022-08-08 00:00:00
kernel security and bug fix update
2022-06-30 00:00:00
Unbreakable Enterprise kernel-container security update
2022-05-20 00:00:00
centos
centos
bpftool, kernel, perf, python security update
2022-08-02 19:42:00
cvelist
cvelist
CVE-2020-29368
2020-11-28 06:20:26
CVE-2022-32250
2022-06-02 20:51:34
CVE-2021-4203
2022-03-25 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-29368 affecting package kernel 5.4.91-6
2021-01-29 07:40:05
CVE-2022-32250 affecting package kernel 5.10.117.1-2
2022-07-14 21:00:16
CVE-2022-32250 affecting package kernel for versions less than 5.15.45.1-2
2022-06-26 03:30:03
prion
prion
Race condition
2020-11-28 07:15:00
Design/Logic Flaw
2022-06-02 21:15:00
Design/Logic Flaw
2022-03-23 20:15:00
nvd
nvd
CVE-2020-29368
2020-11-28 07:15:11
CVE-2022-32250
2022-06-02 21:15:07
CVE-2021-4197
2022-03-23 20:15:10
redhatcve
redhatcve
CVE-2020-29368
2020-12-01 17:29:45
CVE-2022-32250
2022-06-07 02:30:38
CVE-2021-4197
2022-01-03 16:04:44
ubuntucve
ubuntucve
CVE-2020-29368
2020-11-28 00:00:00
CVE-2021-4203
2022-03-25 00:00:00
CVE-2021-4197
2021-12-31 00:00:00
veracode
veracode
Unintended Write Access
2020-12-06 02:22:25
Authentication Bypass
2022-06-20 19:47:58
Privilege Escalation
2022-01-26 05:22:00
debiancve
debiancve
CVE-2020-29368
2020-11-28 07:15:11
CVE-2022-32250
2022-06-02 21:15:07
CVE-2021-4197
2022-03-23 20:15:10
cve
cve
CVE-2020-29368
2020-11-28 07:15:11
CVE-2022-32250
2022-06-02 21:15:07
CVE-2021-4197
2022-03-23 20:15:10
f5
f5
K000133447 : Linux kernel vulnerability CVE-2022-32250
2023-04-11 00:00:00
K000132933 : Linux kernel vulnerability CVE-2022-1729
2023-03-13 00:00:00
zdi
zdi
Linux Kernel nf_tables_expr_destroy Use-After-Free Privilege Escalation Vulnerability
2023-12-20 00:00:00
redos
redos
ROS-20220619-01
2022-06-19 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Linux Kernel and OpenSSL may affect IBM Spectrum Copy Data Management
2022-09-17 01:21:23
Security Bulletin: Linux Kernel vulnerability may affect IBM Elastic Storage System (CVE-2021-4203)
2022-08-29 11:34:52
Security Bulletin: Vulnerability in Kernel (CVE-2022-1012) affects Power HMC
2023-01-08 16:04:52
githubexploit
githubexploit
Exploit for Use After Free in Linux Linux Kernel
2023-01-27 14:44:39
Exploit for Use After Free in Linux Linux Kernel
2024-06-09 19:53:54
Exploit for Use After Free in Linux Linux Kernel
2022-08-24 06:00:47
fedora
fedora
[SECURITY] Fedora 34 Update: kernel-5.15.14-100.fc34
2022-01-15 01:22:59
[SECURITY] Fedora 35 Update: kernel-5.15.14-200.fc35
2022-01-15 01:22:52
[SECURITY] Fedora 35 Update: kernel-headers-5.17.11-200.fc35
2022-05-28 01:22:58
cnvd
cnvd
Linux kernel elevation of privilege vulnerability (CNVD-2022-68560)
2022-01-20 00:00:00
Linux kernel denial of service vulnerability (CNVD-2022-69201)
2022-03-14 00:00:00
Linux kernel competition condition issue vulnerability (CNVD-2022-74091)
2022-09-09 00:00:00
openvas
openvas
Fedora: Security Advisory for kernel (FEDORA-2022-d918ad60e5)
2022-01-15 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2022-ade480f201)
2022-01-15 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2022-8095b23575)
2022-05-29 00:00:00

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

EPSS

0.002

Percentile

53.0%

JSON
Related for RHSA-2022:5633
nessus49redhat28osv13almalinux6rocky4oraclelinux7centos1cvelist6cbl_mariner8prion6nvd6redhatcve6ubuntucve5veracode5debiancve6cve6f52zdi1redos1ibm4githubexploit3fedora11cnvd3openvas12