Red Hat Security Advisory: kernel security, bug fix, and enhancement update
🔗 CVE IDs covered (13)
📋 Description
CVE-2022-0494 — kernel: information leak in scsi_ioctl() CVE-2022-1353 — kernel: kernel info leak issue in pfkey_register CVE-2022-2588 — kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation CVE-2022-23816 — hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions CVE-2022-23825 — hw: cpu: AMD: Branch Type Confusion (non-retbleed) CVE-2022-28693 — hw: cpu: Intel: information disclosure via local access CVE-2022-29900 — hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions CVE-2022-29901 — hw: cpu: Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions CVE-2022-49610 — kernel: KVM: VMX: Prevent RSB underflow before vmenter CVE-2022-49611 — kernel: x86/speculation: Fill RSB on vmexit for IBRS CVE-2022-50053 — kernel: iavf: Fix reset error handling CVE-2022-50054 — kernel: iavf: Fix NULL pointer dereference in iavf_get_link_ksettings CVE-2022-50055 — kernel: iavf: Fix adminq error handling
🔗 References (9)
- selfhttps://access.redhat.com/errata/RHSA-2022:7110
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2039448
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2066819
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2090226
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2103148
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2103153
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2114849
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_7110.json