RHSA-2023:1470: Important: kernel security, bug fix, and enhancement update
First published: Mon Mar 27 2023(Updated: )
The kernel packages contain the Linux kernel, the core of any Linux operating system.<br>Security Fix(es):<br><li> kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744)</li> <li> ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266)</li> <li> kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> RHEL9.0 - zfcp: fix missing auto port scan and thus missing target ports (BZ#2127880)</li> <li> Cgroups_v2, when creating new cgroup/container, resets the cpu affinity masks for all usr processes on the system. (BZ#2143766)</li> <li> RHEL9.0 - boot: Add secure boot trailer (BZ#2151528)</li> <li> kernel-rt-debug: WARNING: possible circular locking dependency detected (&n->list_lock->&p->pi_lock->&lock->wait_lock) (BZ#2160614)</li> <li> Support cpuset.sched_load_balance by changing default CPUset directory structure (BZ#2161105)</li> <li> RHEL9.0 - s390/kexec: fix ipl report address for kdump (BZ#2166903)</li> <li> libgpiod doesn't seem to work with Interphase gpiochip (BZ#2166956)</li> <li> Azure RHEL9 scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM (BZ#2170227)</li> Enhancement(s):<br><li> IBM 9.2 FEAT: Upgrade the QETH driver to latest from upstream, e.g. kernel 6.0 (BZ#2166304)</li> <li> Intel 9.2 FEAT SPR CPU: AMX: Improve the init_fpstate setup code (BZ#2168382)</li>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/bpftool | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/bpftool-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-abi-stablelists | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-core | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-core | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-devel | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-devel-matched | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-modules | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-modules-extra | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-devel | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-devel-matched | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-doc | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-headers | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-modules | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-modules-extra | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-tools | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-tools-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-tools-libs | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/perf | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/perf-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/python3-perf | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/python3-perf-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/bpftool | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/bpftool-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-core | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-core | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-devel | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-devel-matched | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-modules | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-modules-extra | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debuginfo-common-s390x | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-devel | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-devel-matched | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-headers | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-modules | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-modules-extra | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-tools | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-tools-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-zfcpdump | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-zfcpdump-core | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-zfcpdump-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-zfcpdump-devel | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-zfcpdump-devel-matched | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-zfcpdump-modules | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-zfcpdump-modules-extra | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/perf | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/perf-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/python3-perf | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/python3-perf-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/bpftool | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/bpftool-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-core | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-core | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-devel | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-devel-matched | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-modules | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debug-modules-extra | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-debuginfo-common-ppc64le | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-devel | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-devel-matched | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-headers | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-modules | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-modules-extra | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-tools | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-tools-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-tools-libs | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/perf | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/perf-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/python3-perf | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/python3-perf-debuginfo | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/bpftool | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/bpftool-debuginfo | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-core | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-debug | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-debug-core | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-debug-debuginfo | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-debug-devel | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-debug-devel-matched | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-debug-modules | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-debug-modules-extra | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-debuginfo | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-debuginfo-common-aarch64 | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-devel | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-devel-matched | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-headers | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-modules | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-modules-extra | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-tools | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-tools-debuginfo | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-tools-libs | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/perf | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/perf-debuginfo | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/python3-perf | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/python3-perf-debuginfo | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-cross-headers | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-tools-libs-devel | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-cross-headers | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-tools-libs-devel | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
| redhat/kernel-cross-headers | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-tools-libs-devel | <5.14.0-162.22.2.el9_1.aa | 5.14.0-162.22.2.el9_1.aa |
| redhat/kernel-cross-headers | <5.14.0-162.22.2.el9_1 | 5.14.0-162.22.2.el9_1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of RHSA-2023:1470?
The severity of RHSA-2023:1470 is classified as important due to its potential impact on system stability and security.
What vulnerabilities are addressed in RHSA-2023:1470?
RHSA-2023:1470 addresses multiple vulnerabilities, including CVE-2022-4744, CVE-2023-0266, among others affecting the kernel and related packages.
How do I fix RHSA-2023:1470?
To fix RHSA-2023:1470, you should update your kernel and affected packages to version 5.14.0-162.22.2.el9_1 or later.
What packages are affected by RHSA-2023:1470?
Affected packages include the kernel, bpftool, and their respective debug and development packages across various architectures.
Is a reboot required after applying the fix for RHSA-2023:1470?
Yes, a reboot is recommended after applying the fix for RHSA-2023:1470 to ensure all changes take effect.
- agent/severity
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/weakness
- agent/remedy
- agent/title
- agent/references
- agent/description
- agent/event
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2023:1470
- agent/software-canonical-lookup
- agent/trending
- agent/tags
- agent/source
- package-manager/redhat