RHSA-2022:0849HighCVSS 8.8
Red Hat Security Advisory: kpatch-patch security update
🔗 CVE IDs covered (6)
📋 Description
CVE-2021-0920 — kernel: Use After Free in unix_gc() which could result in a local privilege escalation CVE-2021-4154 — kernel: local privilege escalation by exploiting the fsconfig syscall parameter leads to container breakout CVE-2022-0330 — kernel: possible privileges escalation due to missing TLB flush CVE-2022-0435 — kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS CVE-2022-0492 — kernel: cgroups v1 release_agent feature may allow privilege escalation CVE-2022-22942 — kernel: failing usercopy allows for use-after-free exploitation
🔗 References (9)
- selfhttps://access.redhat.com/errata/RHSA-2022:0849
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2031930
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2034514
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2042404
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2044809
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2048738
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2051505
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0849.json