What is the severity of RHSA-2022:1106?

RHSA-2022:1106 is classified as important due to the potential for local privilege escalation.

How do I fix RHSA-2022:1106?

You can fix RHSA-2022:1106 by updating to the latest kernel package version 3.10.0-514.99.1.el7 or later.

What vulnerabilities does RHSA-2022:1106 address?

RHSA-2022:1106 addresses a Use After Free vulnerability in unix_gc() and additional potential privilege escalation issues.

Which systems are affected by RHSA-2022:1106?

RHSA-2022:1106 affects Red Hat Enterprise Linux systems utilizing the kernel version 3.10.0-514.99.1.el7.

What are the consequences of not addressing RHSA-2022:1106?

Not addressing RHSA-2022:1106 could allow attackers to escalate privileges on affected systems, compromising security.

Vulnerability/
RHSA-2022:1106

CWE

416

29/3/2022

RHSA-2022:1106: Important: kernel security update

First published: Tue Mar 29 2022(Updated: )

The kernel packages contain the Linux kernel, the core of any Linux operating system.<br>Security Fix(es):<br><li> kernel: Use After Free in unix_gc() which could result in a local privilege escalation (CVE-2021-0920)</li> <li> kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software	Affected Version	How to fix
redhat/kernel	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/kernel	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/kernel-abi-whitelists	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/kernel-debug	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/kernel-debug-debuginfo	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/kernel-debug-devel	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/kernel-debuginfo	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/kernel-devel	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/kernel-doc	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/kernel-headers	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/kernel-tools	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/kernel-tools-debuginfo	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/kernel-tools-libs	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/kernel-tools-libs-devel	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/perf	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/perf-debuginfo	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/python-perf	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7
redhat/python-perf-debuginfo	<3.10.0-514.99.1.el7	3.10.0-514.99.1.el7

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2022:1106?
RHSA-2022:1106 is classified as important due to the potential for local privilege escalation.
How do I fix RHSA-2022:1106?
You can fix RHSA-2022:1106 by updating to the latest kernel package version 3.10.0-514.99.1.el7 or later.
What vulnerabilities does RHSA-2022:1106 address?
RHSA-2022:1106 addresses a Use After Free vulnerability in unix_gc() and additional potential privilege escalation issues.
Which systems are affected by RHSA-2022:1106?
RHSA-2022:1106 affects Red Hat Enterprise Linux systems utilizing the kernel version 3.10.0-514.99.1.el7.
What are the consequences of not addressing RHSA-2022:1106?
Not addressing RHSA-2022:1106 could allow attackers to escalate privileges on affected systems, compromising security.

agent/references
agent/severity
agent/type
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2022:1106
agent/software-canonical-lookup
agent/remedy
agent/title
agent/weakness
agent/description
agent/event
agent/trending
agent/tags
agent/source
package-manager/redhat