alsa-2022:6460
Vulnerability from osv_almalinux
Published
2022-09-13 00:00
Modified
2022-10-13 10:54
Summary
Moderate: kernel security, bug fix, and enhancement update
Details
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- Incomplete cleanup of multi-core shared buffers (aka SBDR) (CVE-2022-21123)
- Incomplete cleanup of microarchitectural fill buffers (aka SBDS) (CVE-2022-21125)
- Incomplete cleanup in specific special register write operations (aka DRPW) (CVE-2022-21166)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Bad page state in process qemu-kvm pfn:68a74600 (BZ#2081013)
- slub corruption during LPM of hnv interface (BZ#2081250)
- Affinity broken due to vector space exhaustion (BZ#2084646)
- 'rmmod pmt_telemetry' panics on ADL-P IOTG (BZ#2091079)
- Unable to boot AlmaLinux-8.6 on Brazos max. config (Install is success) (BZ#2092241)
- kernel crash after reboot of T14/G2 AMD laptop (mt7921e module) (BZ#2095654)
- mt7921: free resources on pci_probe error path (BZ#2101684)
- NLM should be more defensive if underlying FS changes fl_owner (BZ#2102099)
- AlmaLinux8/async-pf Guest call trace when reboot after postcopy migration with high stress workload (BZ#2105340)
- execve exit tracepoint not called (BZ#2106662)
- QProcess dead lock on kernel-4.18.0-358 (BZ#2107643)
- KVM fix guest FPU uABI size to kvm_xsave (BZ#2107652)
- KVM selftests fail to compile (BZ#2107655)
- Some monitor have no display with AMD W6400 when boot into OS. (BZ#2109826)
- Percpu counter usage is gradually getting increasing during podman container recreation. (BZ#2110039)
- multipath failed to recover after EEH hit on flavafish adapter on Denali(qla2xxx/flavafish/AlmaLinux8.6/Denali) (BZ#2110768)
- soft lockups under heavy I/O load to ahci connected SSDs (BZ#2110772)
- trouble re-assigning MACs to VFs, ice stricter than other drivers (BZ#2111936)
- Intel MPI 2019.0 - mpirun stuck on latest kernel (BZ#2112030)
- Multicast packets are not received by all VFs on the same port even though they have the same VLAN (BZ#2117026)
- Hyper-V 2019 Dynamic Memory Problem hv_balloon (BZ#2117050)
- kernel BUG at kernel/sched/deadline.c:1561! (BZ#2117410)
- ALSA (sound) driver - update Intel SOF kcontrol code (BZ#2117732)
- bridge over bond over ice ports has no connection (BZ#2118580)
- Fix max VLANs available for VF (BZ#2118581)
- offline selftest failed (BZ#2118582)
- INTEL NVMUpdate utility ver 3.20 is failing to update firmware on E810-XXVDA4T (WPC) (BZ#2118583)
- VM configured with failover interface will coredump after been migrating from source host to target host(only iavf driver) (BZ#2118705)
- Fix max VLANs available for untrusted VF (BZ#2118707)
- Softlockup on infinite loop in task_get_css() for a CSS_DYING cpuset (BZ#2120776)
Enhancement(s):
- KVM Sapphire Rapids (SPR) AMX Instructions (BZ#2088287)
- KVM Sapphire Rapids (SPR) AMX Instructions part2 (BZ#2088288)
- ice: Driver Update (BZ#2102359)
- iavf: Driver Update (BZ#2102360)
- iommu/vt-d: Make DMAR_UNITS_SUPPORTED a config setting (BZ#2112983)
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "bpftool"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-abi-stablelists"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-cross-headers"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-tools"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-tools-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-tools-libs-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-zfcpdump"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-zfcpdump-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-zfcpdump-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-zfcpdump-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "kernel-zfcpdump-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "python3-perf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.18.0-372.26.1.el8_6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* Incomplete cleanup of multi-core shared buffers (aka SBDR) (CVE-2022-21123)\n* Incomplete cleanup of microarchitectural fill buffers (aka SBDS) (CVE-2022-21125)\n* Incomplete cleanup in specific special register write operations (aka DRPW) (CVE-2022-21166)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Bad page state in process qemu-kvm pfn:68a74600 (BZ#2081013)\n* slub corruption during LPM of hnv interface (BZ#2081250)\n* Affinity broken due to vector space exhaustion (BZ#2084646)\n* \u0027rmmod pmt_telemetry\u0027 panics on ADL-P IOTG (BZ#2091079)\n* Unable to boot AlmaLinux-8.6 on Brazos max. config (Install is success) (BZ#2092241)\n* kernel crash after reboot of T14/G2 AMD laptop (mt7921e module) (BZ#2095654)\n* mt7921: free resources on pci_probe error path (BZ#2101684)\n* NLM should be more defensive if underlying FS changes fl_owner (BZ#2102099)\n* AlmaLinux8/async-pf Guest call trace when reboot after postcopy migration with high stress workload (BZ#2105340)\n* execve exit tracepoint not called (BZ#2106662)\n* QProcess dead lock on kernel-4.18.0-358 (BZ#2107643)\n* KVM fix guest FPU uABI size to kvm_xsave (BZ#2107652)\n* KVM selftests fail to compile (BZ#2107655)\n* Some monitor have no display with AMD W6400 when boot into OS. (BZ#2109826)\n* Percpu counter usage is gradually getting increasing during podman container recreation. (BZ#2110039)\n* multipath failed to recover after EEH hit on flavafish adapter on Denali(qla2xxx/flavafish/AlmaLinux8.6/Denali) (BZ#2110768)\n* soft lockups under heavy I/O load to ahci connected SSDs (BZ#2110772)\n* trouble re-assigning MACs to VFs, ice stricter than other drivers (BZ#2111936)\n* Intel MPI 2019.0 - mpirun stuck on latest kernel (BZ#2112030)\n* Multicast packets are not received by all VFs on the same port even though they have the same VLAN (BZ#2117026)\n* Hyper-V 2019 Dynamic Memory Problem hv_balloon (BZ#2117050)\n* kernel BUG at kernel/sched/deadline.c:1561! (BZ#2117410)\n* ALSA (sound) driver - update Intel SOF kcontrol code (BZ#2117732)\n* bridge over bond over ice ports has no connection (BZ#2118580)\n* Fix max VLANs available for VF (BZ#2118581)\n* offline selftest failed (BZ#2118582)\n* INTEL NVMUpdate utility ver 3.20 is failing to update firmware on E810-XXVDA4T (WPC) (BZ#2118583)\n* VM configured with failover interface will coredump after been migrating from source host to target host(only iavf driver) (BZ#2118705)\n* Fix max VLANs available for untrusted VF (BZ#2118707)\n* Softlockup on infinite loop in task_get_css() for a CSS_DYING cpuset (BZ#2120776)\n\nEnhancement(s):\n\n* KVM Sapphire Rapids (SPR) AMX Instructions (BZ#2088287)\n* KVM Sapphire Rapids (SPR) AMX Instructions part2 (BZ#2088288)\n* ice: Driver Update (BZ#2102359)\n* iavf: Driver Update (BZ#2102360)\n* iommu/vt-d: Make DMAR_UNITS_SUPPORTED a config setting (BZ#2112983)",
"id": "ALSA-2022:6460",
"modified": "2022-10-13T10:54:31Z",
"published": "2022-09-13T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2022:6460"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-21123"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-21125"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-21166"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2090237"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2090240"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2090241"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2022-6460.html"
}
],
"related": [
"CVE-2022-21123",
"CVE-2022-21125",
"CVE-2022-21166"
],
"summary": "Moderate: kernel security, bug fix, and enhancement update"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…