RLSA-2023:0854

Security

Mirrored from RHSA-2023:0854

Issued at: 2023-02-22

Updated at: 2023-02-22

Synopsis

Important: kernel-rt security and bug fix update

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: mm/mremap.c use-after-free vulnerability (CVE-2022-41222)

* kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945)

* kernel: an out-of-bounds vulnerability in i2c-ismt driver (CVE-2022-2873)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* Rocky Linux8-RT: Backport use of a dedicate thread for timer wakeups (BZ#2127204)

* SNO Crashed twice - kernel BUG at lib/list_debug.c:28 (BZ#2132062)

* Cannot trigger kernel dump using NMI on SNO node running PAO and RT kernel [RT-8] (BZ#2139851)

* scheduling while atomic in fpu_clone() -> fpu_inherit_perms() (BZ#2154469)

* The latest Rocky Linux 8.7.z2 kernel changes need to be merged into the RT source tree to keep source parity between the two kernels. (BZ#2159806)

Affected products

Rocky Linux 8 x86_64

Fixes

2119048

2138818

2141752

CVEs

CVE-2022-2873

CVE-2022-41222

CVE-2022-43945

Affected packages

Rocky Linux 8 x86_64 - NFV

kernel-rt-debug-modules-extra-0:4.18.0-425.13.1.rt7.223.el8_7.x86_64.rpm

kernel-rt-devel-0:4.18.0-425.13.1.rt7.223.el8_7.x86_64.rpm

kernel-rt-0:4.18.0-425.13.1.rt7.223.el8_7.src.rpm

kernel-rt-0:4.18.0-425.13.1.rt7.223.el8_7.x86_64.rpm

kernel-rt-core-0:4.18.0-425.13.1.rt7.223.el8_7.x86_64.rpm

kernel-rt-debug-0:4.18.0-425.13.1.rt7.223.el8_7.x86_64.rpm

kernel-rt-debug-core-0:4.18.0-425.13.1.rt7.223.el8_7.x86_64.rpm

kernel-rt-debug-debuginfo-0:4.18.0-425.13.1.rt7.223.el8_7.x86_64.rpm

kernel-rt-debug-devel-0:4.18.0-425.13.1.rt7.223.el8_7.x86_64.rpm

kernel-rt-debuginfo-0:4.18.0-425.13.1.rt7.223.el8_7.x86_64.rpm

kernel-rt-debuginfo-common-x86_64-0:4.18.0-425.13.1.rt7.223.el8_7.x86_64.rpm

kernel-rt-debug-kvm-0:4.18.0-425.13.1.rt7.223.el8_7.x86_64.rpm

kernel-rt-debug-modules-0:4.18.0-425.13.1.rt7.223.el8_7.x86_64.rpm

kernel-rt-kvm-0:4.18.0-425.13.1.rt7.223.el8_7.x86_64.rpm

kernel-rt-modules-0:4.18.0-425.13.1.rt7.223.el8_7.x86_64.rpm

kernel-rt-modules-extra-0:4.18.0-425.13.1.rt7.223.el8_7.x86_64.rpm

Rocky Linux 8 x86_64 - RT