ID

VAR-202203-0043

CVE

CVE-2022-0847

TITLE

Linux Kernel  Initialization vulnerability in

DESCRIPTION

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. Linux Kernel Has an initialization vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. CVE-2021-43976 Zekun Shen and Brendan Dolan-Gavitt discovered a flaw in the mwifiex_usb_recv() function of the Marvell WiFi-Ex USB Driver. CVE-2022-24448 Lyu Tao reported a flaw in the NFS implementation in the Linux kernel when handling requests to open a directory on a regular file, which could result in a information leak. CVE-2022-25258 Szymon Heidrich reported the USB Gadget subsystem lacks certain validation of interface OS descriptor requests, resulting in memory corruption. CVE-2022-25375 Szymon Heidrich reported that the RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command, resulting in information leak from kernel memory. For the stable distribution (bullseye), these problems have been fixed in version 5.10.92-2. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmImAChfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TlAw/+MoL+9zYTlpPOcWp0YMuOkEUJU3WS7udSyTSZLNZsWuQTVmPQ6ed7Fxw/ b0j6OCX9HbrIl4nJdx+7D53ujWC6hS29TLgHCb8d/TEeluXPVI2+4Nt1FcZbSXTJ 6hBNIVVIiDUV9Wco8JUVbvk+y8VCsHxqDEePpEOTZVYLyDUUdti4V7+3ZyO8XQ4/ ePeCX8QQba5FApsz4jG7CkBCxBxyley6YswPV3Zz1FF6L/hGjgluYiKFbO4mLTlX vqwv/UIAZl2rutHzzxyBE5hIlPGXfgksPI7jTmSMRkWI99cIlJWTlziecYLQUiid 2NwOyu2vrut6ZVbtmI5WbTy64Aa9EKguQLd+SbBMuK790nfTLRySaZnU52/1j1MW 1/3Nwq+pDbZ/yAAeV/TS9oKl3mG3XVOO34EGpr9A5aZzCPetyb1TQj0jR5+mjCxy RTxYZuCrisnFvVXXRZLPc1vPcZW+ULXrPQFWEEvd2WKRa6iIkDHf5ef8pHRm36mk 9Yt0x6UmmVWLRRZp7UCbD03NB5p3oJKi+i1h3d+19jQGwU2bEhfOEADCADqlZLwc /6vFZ7TrA/74LXM8MOc5+VQbxL8nGetenPSHuxNwoeXw1ry4+x9KV6YHMqeqQ/qW jFpIOfWS1HQ9vC9t46V2eE0sfrOu2Jvdm4MixwRbXhjzs/REYTY= =MIhw -----END PGP SIGNATURE----- . Summary: The Migration Toolkit for Containers (MTC) 1.5.4 is now available. Description: The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Security Fix(es): * golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/): 1995656 - CVE-2021-36221 golang: net/http/httputil: panic due to racy read of persistConn after handler panic 5. ========================================================================= Ubuntu Security Notice USN-5362-1 April 01, 2022 linux-intel-5.13 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-intel-5.13: Linux kernel for Intel IOTG Details: Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-25636) Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by ARM to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-23960) It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-23222) Max Kellermann discovered that the Linux kernel incorrectly handled Unix pipes. A local attacker could potentially use this to modify any file that could be opened for reading. (CVE-2022-0847) Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. (CVE-2022-0492) William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-0185) Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by Intel to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information. (CVE-2022-0001) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4090) Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. (CVE-2021-4155) It was discovered that the AMD Radeon GPU driver in the Linux kernel did not properly validate writes in the debugfs file system. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42327) Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-0330) Samuel Page discovered that the Transparent Inter-Process Communication (TIPC) protocol implementation in the Linux kernel contained a stack-based buffer overflow. A remote attacker could use this to cause a denial of service (system crash) for systems that have a TIPC bearer configured. (CVE-2022-0435) It was discovered that the KVM implementation for s390 systems in the Linux kernel did not properly prevent memory operations on PVM guests that were in non-protected mode. A local attacker could use this to obtain unauthorized memory write access. (CVE-2022-0516) It was discovered that the ICMPv6 implementation in the Linux kernel did not properly deallocate memory in certain situations. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2022-0742) It was discovered that the VMware Virtual GPU driver in the Linux kernel did not properly handle certain failure conditions, leading to a stale entry in the file descriptor table. A local attacker could use this to expose sensitive information or possibly gain administrative privileges. (CVE-2022-22942) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: linux-image-5.13.0-1010-intel 5.13.0-1010.10 linux-image-intel 5.13.0.1010.11 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-5362-1 CVE-2021-4083, CVE-2021-4090, CVE-2021-4155, CVE-2021-42327, CVE-2022-0001, CVE-2022-0185, CVE-2022-0330, CVE-2022-0435, CVE-2022-0492, CVE-2022-0516, CVE-2022-0742, CVE-2022-0847, CVE-2022-22942, CVE-2022-23222, CVE-2022-23960, CVE-2022-25636 Package Information: https://launchpad.net/ubuntu/+source/linux-intel-5.13/5.13.0-1010.10 . These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2022:0820-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0820 Issue date: 2022-03-10 CVE Names: CVE-2021-4083 CVE-2022-0330 CVE-2022-0492 CVE-2022-0847 CVE-2022-22942 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder EUS (v. 8.2) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux BaseOS EUS (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64 3. The following packages have been upgraded to a later upstream version: kernel (4.18.0). (BZ#2036933) Security Fix(es): * kernel: improper initialization of the "flags" member of the new pipe_buffer (CVE-2022-0847) * kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083) * kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330) * kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492) * kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [Intel 8.3 Bug] ICX Whitley: PCIe - kernel panic with AER-INJECT (BZ#2040309) * [ESXi][RHEL8] A task is stuck waiting for the completion of the vmci_resouce releasing upon the balloon reset. [None8.2.0.z] (BZ#2052200) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it 2042404 - CVE-2022-0330 kernel: possible privileges escalation due to missing TLB flush 2044809 - CVE-2022-22942 kernel: failing usercopy allows for use-after-free exploitation 2051505 - CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation 2060795 - CVE-2022-0847 kernel: improper initialization of the "flags" member of the new pipe_buffer 6. Package List: Red Hat Enterprise Linux BaseOS EUS (v. 8.2): Source: kernel-4.18.0-193.79.1.el8_2.src.rpm aarch64: bpftool-4.18.0-193.79.1.el8_2.aarch64.rpm bpftool-debuginfo-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-core-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-cross-headers-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-debug-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-debug-core-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-debug-debuginfo-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-debug-devel-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-debug-modules-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-debug-modules-extra-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-debuginfo-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-devel-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-headers-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-modules-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-modules-extra-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-tools-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-tools-debuginfo-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-tools-libs-4.18.0-193.79.1.el8_2.aarch64.rpm perf-4.18.0-193.79.1.el8_2.aarch64.rpm perf-debuginfo-4.18.0-193.79.1.el8_2.aarch64.rpm python3-perf-4.18.0-193.79.1.el8_2.aarch64.rpm python3-perf-debuginfo-4.18.0-193.79.1.el8_2.aarch64.rpm noarch: kernel-abi-whitelists-4.18.0-193.79.1.el8_2.noarch.rpm kernel-doc-4.18.0-193.79.1.el8_2.noarch.rpm ppc64le: bpftool-4.18.0-193.79.1.el8_2.ppc64le.rpm bpftool-debuginfo-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-core-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-cross-headers-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-debug-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-debug-core-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-debug-debuginfo-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-debug-devel-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-debug-modules-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-debug-modules-extra-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-debuginfo-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-devel-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-headers-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-modules-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-modules-extra-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-tools-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-tools-debuginfo-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-tools-libs-4.18.0-193.79.1.el8_2.ppc64le.rpm perf-4.18.0-193.79.1.el8_2.ppc64le.rpm perf-debuginfo-4.18.0-193.79.1.el8_2.ppc64le.rpm python3-perf-4.18.0-193.79.1.el8_2.ppc64le.rpm python3-perf-debuginfo-4.18.0-193.79.1.el8_2.ppc64le.rpm s390x: bpftool-4.18.0-193.79.1.el8_2.s390x.rpm bpftool-debuginfo-4.18.0-193.79.1.el8_2.s390x.rpm kernel-4.18.0-193.79.1.el8_2.s390x.rpm kernel-core-4.18.0-193.79.1.el8_2.s390x.rpm kernel-cross-headers-4.18.0-193.79.1.el8_2.s390x.rpm kernel-debug-4.18.0-193.79.1.el8_2.s390x.rpm kernel-debug-core-4.18.0-193.79.1.el8_2.s390x.rpm kernel-debug-debuginfo-4.18.0-193.79.1.el8_2.s390x.rpm kernel-debug-devel-4.18.0-193.79.1.el8_2.s390x.rpm kernel-debug-modules-4.18.0-193.79.1.el8_2.s390x.rpm kernel-debug-modules-extra-4.18.0-193.79.1.el8_2.s390x.rpm kernel-debuginfo-4.18.0-193.79.1.el8_2.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-193.79.1.el8_2.s390x.rpm kernel-devel-4.18.0-193.79.1.el8_2.s390x.rpm kernel-headers-4.18.0-193.79.1.el8_2.s390x.rpm kernel-modules-4.18.0-193.79.1.el8_2.s390x.rpm kernel-modules-extra-4.18.0-193.79.1.el8_2.s390x.rpm kernel-tools-4.18.0-193.79.1.el8_2.s390x.rpm kernel-tools-debuginfo-4.18.0-193.79.1.el8_2.s390x.rpm kernel-zfcpdump-4.18.0-193.79.1.el8_2.s390x.rpm kernel-zfcpdump-core-4.18.0-193.79.1.el8_2.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-193.79.1.el8_2.s390x.rpm kernel-zfcpdump-devel-4.18.0-193.79.1.el8_2.s390x.rpm kernel-zfcpdump-modules-4.18.0-193.79.1.el8_2.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-193.79.1.el8_2.s390x.rpm perf-4.18.0-193.79.1.el8_2.s390x.rpm perf-debuginfo-4.18.0-193.79.1.el8_2.s390x.rpm python3-perf-4.18.0-193.79.1.el8_2.s390x.rpm python3-perf-debuginfo-4.18.0-193.79.1.el8_2.s390x.rpm x86_64: bpftool-4.18.0-193.79.1.el8_2.x86_64.rpm bpftool-debuginfo-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-core-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-cross-headers-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-debug-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-debug-core-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-debug-debuginfo-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-debug-devel-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-debug-modules-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-debug-modules-extra-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-debuginfo-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-devel-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-headers-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-modules-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-modules-extra-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-tools-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-tools-debuginfo-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-tools-libs-4.18.0-193.79.1.el8_2.x86_64.rpm perf-4.18.0-193.79.1.el8_2.x86_64.rpm perf-debuginfo-4.18.0-193.79.1.el8_2.x86_64.rpm python3-perf-4.18.0-193.79.1.el8_2.x86_64.rpm python3-perf-debuginfo-4.18.0-193.79.1.el8_2.x86_64.rpm Red Hat CodeReady Linux Builder EUS (v. 8.2): aarch64: bpftool-debuginfo-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-debug-debuginfo-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-debuginfo-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-tools-debuginfo-4.18.0-193.79.1.el8_2.aarch64.rpm kernel-tools-libs-devel-4.18.0-193.79.1.el8_2.aarch64.rpm perf-debuginfo-4.18.0-193.79.1.el8_2.aarch64.rpm python3-perf-debuginfo-4.18.0-193.79.1.el8_2.aarch64.rpm ppc64le: bpftool-debuginfo-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-debug-debuginfo-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-debuginfo-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-tools-debuginfo-4.18.0-193.79.1.el8_2.ppc64le.rpm kernel-tools-libs-devel-4.18.0-193.79.1.el8_2.ppc64le.rpm perf-debuginfo-4.18.0-193.79.1.el8_2.ppc64le.rpm python3-perf-debuginfo-4.18.0-193.79.1.el8_2.ppc64le.rpm x86_64: bpftool-debuginfo-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-debug-debuginfo-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-debuginfo-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-tools-debuginfo-4.18.0-193.79.1.el8_2.x86_64.rpm kernel-tools-libs-devel-4.18.0-193.79.1.el8_2.x86_64.rpm perf-debuginfo-4.18.0-193.79.1.el8_2.x86_64.rpm python3-perf-debuginfo-4.18.0-193.79.1.el8_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYippnNzjgjWX9erEAQgeIA/8DjMqXgeKBWJlF/juiqi+DTsTZw1SwsGt 1Hp0MqSHnmQGnDQ7fm4Ifn63Apmgk+oxWgepaIVrMtWf2rhmXyDpRfCtgjXU5rRj YVzl84tQGZyWBCBYA5R9Xa6/iSYWyFC0CJ5d0MvZ7uNGVSWj8F5Ne1u7/yJYcREQ 38224Coz5ED0NFBHYM/GSnPdL+l7nfmIA3VEmr25njpgbHM3hjnn2B98klp27h+L QP2ONO2XAax/aikdT6NVqAG2G6HQ2BkG3BOZAhXUJoSV6MI6OpPyxlg5RH0445xx 53nWsgs+oenfh7yJV5i+gCNUbJV7hhp9HJ9DTOj/VT6BsYAtz1baY47NrDdrmHzj mKx8gYVEXtoKLBkmrcoBmLH4sGIu+9DsComN1FJBuJij4nX8aIdIXZAsE414qd5V oNra4L/eS+mTziD6Q6jwSeVCOCdqxOdqpL9JeIiWKlOW3WjAG7VnPvLWJoXKQeEJ hvtnZY6/SMMZQ5p3qq0pJVRa7jsaGevT7BFyOkH+6ephJedX9FcSkDP2iWFmrXQk l9kkHgqHsm6tMM7gr7/yTHzKyOQblaaB0czOTNexTVg3qRQ1Tpiz+IoV8A7FBzrB M69wkaT/IAmuc/FeXNe94/ZLj2oeHjTFhZp+p8YClbmRtLd+Mb3p6Gz1uWhuka4U 7ibzusummRs=QzAW -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 8) - x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Bug Fix(es): * kernel symbol '__rt_mutex_init' is exported GPL-only in kernel 4.18.0-348.2.1.rt7.132.el8_5 (BZ#2038423) * kernel-rt: update RT source tree to the RHEL-8.5.z3 source tree (BZ#2045589) 4

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

local

TYPE

other

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Siemens reported these vulnerabilities to CISA.

SOURCES

LAST UPDATE DATE

2026-06-19T19:58:33.676000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE