Lucene search

K
redhatRedHatRHSA-2023:0526
HistoryJan 30, 2023 - 1:43 p.m.

(RHSA-2023:0526) Important: kernel-rt security and bug fix update

2023-01-3013:43:57
access.redhat.com
35
rhsa-2023-0526
kernel-rt
security fix
bug fix
ax88179_178a
i915
memory corruption
tlb flush
rhel-9.0.z6 batch
dell 9.0 rt
call traces
rt debug bug

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

12.6%

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)

  • kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • kernel-rt: update RT source tree to the latest RHEL-9.0.z6 Batch (BZ#2149955)

  • DELL 9.0 RT: On PE R760 system, call traces are observed dmesg when system is running stress (BZ#2154426)

  • RT Debug bug: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46 (BZ#2160774)

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

12.6%