Red Hat Security Advisory: kernel security and bug fix update
🔗 CVE IDs covered (16)
📋 Description
CVE-2022-1158 — kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region CVE-2022-2639 — kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() CVE-2022-2959 — kernel: watch queue race condition can lead to privilege escalation CVE-2022-21123 — hw: cpu: incomplete clean-up of multi-core shared buffers (aka SBDR) CVE-2022-21125 — hw: cpu: incomplete clean-up of microarchitectural fill buffers (aka SBDS) CVE-2022-21166 — hw: cpu: incomplete clean-up in specific special register write operations (aka DRPW) CVE-2022-23816 — hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions CVE-2022-23825 — hw: cpu: AMD: Branch Type Confusion (non-retbleed) CVE-2022-26373 — hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions CVE-2022-28693 — hw: cpu: Intel: information disclosure via local access CVE-2022-29900 — hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions CVE-2022-29901 — hw: cpu: Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions CVE-2022-43945 — kernel: nfsd buffer overflow by RPC message over TCP with garbage data CVE-2022-49086 — kernel: net: openvswitch: fix leak of nested actions CVE-2022-49610 — kernel: KVM: VMX: Prevent RSB underflow before vmenter CVE-2022-49611 — kernel: x86/speculation: Fill RSB on vmexit for IBRS
🔗 References (15)
- selfhttps://access.redhat.com/errata/RHSA-2022:8973
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://access.redhat.com/solutions/6971358
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2069793
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2084479
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2090226
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2090237
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2090240
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2090241
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2103148
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2103153
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2103681
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2115065
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2141752
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8973.json