mickmick.net

RedHat Linux Kernel Multiple Vulnerabilities

Release Date: 6 Apr 2023

RISK: Medium Risk

TYPE: Operating Systems - Linux

Multiple vulnerabilities were identified in RedHat Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, remote code execution and sensitive information disclosure on the targeted system.

---

Impact

• Remote Code Execution
• Elevation of Privilege
• Information Disclosure

---

System / Technologies affected

• Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64
• Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64
• Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
• Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le
• Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
• Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
• Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64
• Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
• Red Hat CodeReady Linux Builder for x86_64 8 x86_64
• Red Hat Enterprise Linux Server - AUS 8.2 x86_64
• Red Hat Enterprise Linux Server - AUS 8.4 x86_64
• Red Hat Enterprise Linux Server - AUS 8.6 x86_64
• Red Hat Enterprise Linux Server - TUS 8.2 x86_64
• Red Hat Enterprise Linux Server - TUS 8.4 x86_64
• Red Hat Enterprise Linux Server - TUS 8.6 x86_64
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
• Red Hat Enterprise Linux for ARM 64 8 aarch64
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
• Red Hat Enterprise Linux for IBM z Systems 8 s390x
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
• Red Hat Enterprise Linux for Power, little endian 8 ppc64le
• Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.2 x86_64
• Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64
• Red Hat Enterprise Linux for Real Time 8 x86_64
• Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.2 x86_64
• Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64
• Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
• Red Hat Enterprise Linux for x86_64 8 x86_64
• Red Hat Virtualization Host 4 for RHEL 8 x86_64

 

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://access.redhat.com/errata/RHSA-2023:1588
• https://access.redhat.com/errata/RHSA-2023:1584
• https://access.redhat.com/errata/RHSA-2023:1566
• https://access.redhat.com/errata/RHSA-2023:1560
• https://access.redhat.com/errata/RHSA-2023:1559
• https://access.redhat.com/errata/RHSA-2023:1557
• https://access.redhat.com/errata/RHSA-2023:1556
• https://access.redhat.com/errata/RHSA-2023:1554

---

Vulnerability Identifier

• CVE-2022-3564
• CVE-2022-4269
• CVE-2022-4378
• CVE-2023-0266
• CVE-2023-0386
• CVE-2023-0461

---

Source

• AusCERT
• Redhat

---

Related Link

• https://www.auscert.org.au/bulletins/ESB-2023.1969
• https://www.auscert.org.au/bulletins/ESB-2023.1967
• https://www.auscert.org.au/bulletins/ESB-2023.1963
• https://www.auscert.org.au/bulletins/ESB-2023.1962
• https://www.auscert.org.au/bulletins/ESB-2023.1961
• https://www.auscert.org.au/bulletins/ESB-2023.1960
• https://www.auscert.org.au/bulletins/ESB-2023.1959
• https://www.auscert.org.au/bulletins/ESB-2023.1958
• https://access.redhat.com/errata/RHSA-2023:1588
• https://access.redhat.com/errata/RHSA-2023:1584
• https://access.redhat.com/errata/RHSA-2023:1566
• https://access.redhat.com/errata/RHSA-2023:1560
• https://access.redhat.com/errata/RHSA-2023:1559
• https://access.redhat.com/errata/RHSA-2023:1557
• https://access.redhat.com/errata/RHSA-2023:1556
• https://access.redhat.com/errata/RHSA-2023:1554