What is the severity of RHSA-2022:8765?

The severity of RHSA-2022:8765 is classified as a security issue that can lead to an out-of-bounds write due to an integer underflow.

How do I fix RHSA-2022:8765?

To fix RHSA-2022:8765, update to the kernel-rt package version 4.18.0-305.72.1.rt7.144.el8_4 or newer.

What vulnerabilities are addressed in RHSA-2022:8765?

RHSA-2022:8765 addresses a specific vulnerability in the openvswitch component linked to CVE-2022-2639.

Who is affected by RHSA-2022:8765?

Users of the affected kernel-rt packages on Red Hat systems are at risk due to the identified vulnerability.

When was RHSA-2022:8765 released?

RHSA-2022:8765 was released as a security advisory to address vulnerabilities in the Real Time Linux Kernel.

Vulnerability/
RHSA-2022:8765

2/12/2022

5/4/2024

RHSA-2022:8765: Important: kernel-rt security and bug fix update

First published: Fri Dec 02 2022(Updated: )

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.<br>Security Fix(es):<br><li> kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() (CVE-2022-2639)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> SNO Crashed twice - kernel BUG at lib/list_debug.c:28 (BZ#2132064)</li> <li> kernel-rt: update RT source tree to the RHEL-8.4.z14 source tree. (BZ#2144040)</li>

Affected Software	Affected Version	How to fix
redhat/kernel-rt	<4.18.0-305.72.1.rt7.144.el8_4	4.18.0-305.72.1.rt7.144.el8_4
redhat/kernel-rt	<4.18.0-305.72.1.rt7.144.el8_4	4.18.0-305.72.1.rt7.144.el8_4
redhat/kernel-rt-core	<4.18.0-305.72.1.rt7.144.el8_4	4.18.0-305.72.1.rt7.144.el8_4
redhat/kernel-rt-debug	<4.18.0-305.72.1.rt7.144.el8_4	4.18.0-305.72.1.rt7.144.el8_4
redhat/kernel-rt-debug-core	<4.18.0-305.72.1.rt7.144.el8_4	4.18.0-305.72.1.rt7.144.el8_4
redhat/kernel-rt-debug-debuginfo	<4.18.0-305.72.1.rt7.144.el8_4	4.18.0-305.72.1.rt7.144.el8_4
redhat/kernel-rt-debug-devel	<4.18.0-305.72.1.rt7.144.el8_4	4.18.0-305.72.1.rt7.144.el8_4
redhat/kernel-rt-debug-modules	<4.18.0-305.72.1.rt7.144.el8_4	4.18.0-305.72.1.rt7.144.el8_4
redhat/kernel-rt-debug-modules-extra	<4.18.0-305.72.1.rt7.144.el8_4	4.18.0-305.72.1.rt7.144.el8_4
redhat/kernel-rt-debuginfo	<4.18.0-305.72.1.rt7.144.el8_4	4.18.0-305.72.1.rt7.144.el8_4
redhat/kernel-rt-devel	<4.18.0-305.72.1.rt7.144.el8_4	4.18.0-305.72.1.rt7.144.el8_4
redhat/kernel-rt-modules	<4.18.0-305.72.1.rt7.144.el8_4	4.18.0-305.72.1.rt7.144.el8_4
redhat/kernel-rt-modules-extra	<4.18.0-305.72.1.rt7.144.el8_4	4.18.0-305.72.1.rt7.144.el8_4
redhat/kernel-rt-debug-kvm	<4.18.0-305.72.1.rt7.144.el8_4	4.18.0-305.72.1.rt7.144.el8_4
redhat/kernel-rt-kvm	<4.18.0-305.72.1.rt7.144.el8_4	4.18.0-305.72.1.rt7.144.el8_4

Never miss a vulnerability like this again

Reference Links

https://access.redhat.com/errata/RHSA-2022:8765 (Advisory)

Frequently Asked Questions

What is the severity of RHSA-2022:8765?
The severity of RHSA-2022:8765 is classified as a security issue that can lead to an out-of-bounds write due to an integer underflow.
How do I fix RHSA-2022:8765?
To fix RHSA-2022:8765, update to the kernel-rt package version 4.18.0-305.72.1.rt7.144.el8_4 or newer.
What vulnerabilities are addressed in RHSA-2022:8765?
RHSA-2022:8765 addresses a specific vulnerability in the openvswitch component linked to CVE-2022-2639.
Who is affected by RHSA-2022:8765?
Users of the affected kernel-rt packages on Red Hat systems are at risk due to the identified vulnerability.
When was RHSA-2022:8765 released?
RHSA-2022:8765 was released as a security advisory to address vulnerabilities in the Real Time Linux Kernel.

agent/severity
agent/type
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/remedy
agent/title
agent/references
agent/tags
agent/description
agent/event
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2022:8765
agent/software-canonical-lookup
package-manager/redhat

Frequently Asked Questions

What is the severity of RHSA-2022:8765?
The severity of RHSA-2022:8765 is classified as a security issue that can lead to an out-of-bounds write due to an integer underflow.
How do I fix RHSA-2022:8765?
To fix RHSA-2022:8765, update to the kernel-rt package version 4.18.0-305.72.1.rt7.144.el8_4 or newer.
What vulnerabilities are addressed in RHSA-2022:8765?
RHSA-2022:8765 addresses a specific vulnerability in the openvswitch component linked to CVE-2022-2639.
Who is affected by RHSA-2022:8765?
Users of the affected kernel-rt packages on Red Hat systems are at risk due to the identified vulnerability.
When was RHSA-2022:8765 released?
RHSA-2022:8765 was released as a security advisory to address vulnerabilities in the Real Time Linux Kernel.

RHSA-2022:8765: Important: kernel-rt security and bug fix update

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2022:8765?

How do I fix RHSA-2022:8765?

What vulnerabilities are addressed in RHSA-2022:8765?

Who is affected by RHSA-2022:8765?

When was RHSA-2022:8765 released?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of RHSA-2022:8765?

How do I fix RHSA-2022:8765?

What vulnerabilities are addressed in RHSA-2022:8765?

Who is affected by RHSA-2022:8765?

When was RHSA-2022:8765 released?