What is the severity of RHSA-2022:7338?

The severity of RHSA-2022:7338 is classified as important due to the potential for privilege escalation.

How do I fix RHSA-2022:7338?

To fix RHSA-2022:7338, update the relevant kernel-rt packages to version 3.10.0-1160.80.1.rt56.1225.el7 or later.

What vulnerabilities are addressed in RHSA-2022:7338?

RHSA-2022:7338 addresses a use-after-free vulnerability in the cls_route filter implementation, leading to potential privilege escalation (CVE-2022-2588).

Which systems are affected by RHSA-2022:7338?

Systems running the kernel-rt packages prior to version 3.10.0-1160.80.1.rt56.1225.el7 on Red Hat Enterprise Linux 7 are affected by RHSA-2022:7338.

What is the primary concern of RHSA-2022:7338?

The primary concern of RHSA-2022:7338 is the risk of privilege escalation due to the identified vulnerability.

Vulnerability/
RHSA-2022:7338

CWE

416

2/11/2022

5/4/2024

RHSA-2022:7338: Important: kernel-rt security and bug fix update

First published: Wed Nov 02 2022(Updated: )

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.<br>Security Fix(es):<br><li> A use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)</li> <li> RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-23816, CVE-2022-29900)</li> <li> Branch Type Confusion (non-retbleed) (CVE-2022-23825)</li> <li> Intel: Post-barrier Return Stack Buffer Predictions (CVE-2022-26373)</li> <li> Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-29901)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> Update to the latest RHEL7.9.z18 source tree (BZ#2117337)</li>

Never miss a vulnerability like this again

Reference Links

https://access.redhat.com/errata/RHSA-2022:7338 (Advisory)

Frequently Asked Questions

What is the severity of RHSA-2022:7338?
The severity of RHSA-2022:7338 is classified as important due to the potential for privilege escalation.
How do I fix RHSA-2022:7338?
To fix RHSA-2022:7338, update the relevant kernel-rt packages to version 3.10.0-1160.80.1.rt56.1225.el7 or later.
What vulnerabilities are addressed in RHSA-2022:7338?
RHSA-2022:7338 addresses a use-after-free vulnerability in the cls_route filter implementation, leading to potential privilege escalation (CVE-2022-2588).
Which systems are affected by RHSA-2022:7338?
Systems running the kernel-rt packages prior to version 3.10.0-1160.80.1.rt56.1225.el7 on Red Hat Enterprise Linux 7 are affected by RHSA-2022:7338.
What is the primary concern of RHSA-2022:7338?
The primary concern of RHSA-2022:7338 is the risk of privilege escalation due to the identified vulnerability.

agent/severity
agent/type
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/remedy
agent/weakness
agent/title
agent/description
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2022:7338
agent/software-canonical-lookup
agent/references
agent/event
agent/tags
agent/source
package-manager/redhat