CVE-2022-21123

medium

Published 2022-11-15 · Modified 2022-11-18

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

—

CVSS v4 NEW

—

not yet in upstream

VIR risk

5.5

Description

Moderate: kernel security, bug fix, and enhancement update

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

Mitigation details

Source: Red Hat Errata — Red Hat Inc. · View original ↗ · Open-Errata-API

Description hw: cpu: incomplete clean-up of multi-core shared buffers (aka SBDR) Red Hat statement Red Hat has very limited to no visibility and control over binary blobs provided by third-party vendors. Red Hat relies heavily on the vendors to provide timely updates and information about included changes for this content and in most cases merely acts as a release vehicle between the third-party…

Description

hw: cpu: incomplete clean-up of multi-core shared buffers (aka SBDR)

Red Hat statement

Red Hat has very limited to no visibility and control over binary blobs provided by third-party vendors. Red Hat relies heavily on the vendors to provide timely updates and information about included changes for this content and in most cases merely acts as a release vehicle between the third-party vendor and Red Hat customers with no possibility of influencing or even documenting the changes. Unless explicitly stated, the level of insight, oversight, and control Red Hat has does not meet the criteria required (in terms of Red Hat ownership of development processes, QA, and documentation) for releasing this content as RHSA. For more information please contact the binary content vendor.

CVSS v3: 6.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N)

Errata / fixed releases

Product	Package	Advisory	Released
Red Hat Enterprise Linux 7	`kernel-rt-0:3.10.0-1160.76.1.rt56.1220.el7`	RHSA-2022:5939	2022-08-09T00:00:00Z
Red Hat Enterprise Linux 7	`kernel-0:3.10.0-1160.76.1.el7`	RHSA-2022:5937	2022-08-09T00:00:00Z
Red Hat Enterprise Linux 8	`kernel-rt-0:4.18.0-372.26.1.rt7.183.el8_6`	RHSA-2022:6437	2022-09-13T00:00:00Z
Red Hat Enterprise Linux 8	`kernel-0:4.18.0-372.26.1.el8_6`	RHSA-2022:6460	2022-09-13T00:00:00Z
Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions	`kernel-0:4.18.0-147.76.1.el8_1`	RHSA-2022:6872	2022-10-11T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support	`kernel-0:4.18.0-193.93.1.el8_2`	RHSA-2022:7279	2022-11-01T00:00:00Z
Red Hat Enterprise Linux 8.2 Telecommunications Update Service	`kernel-rt-0:4.18.0-193.93.1.rt13.143.el8_2`	RHSA-2022:7280	2022-11-01T00:00:00Z
Red Hat Enterprise Linux 8.2 Telecommunications Update Service	`kernel-0:4.18.0-193.93.1.el8_2`	RHSA-2022:7279	2022-11-01T00:00:00Z
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	`kernel-0:4.18.0-193.93.1.el8_2`	RHSA-2022:7279	2022-11-01T00:00:00Z
Red Hat Enterprise Linux 8.4 Extended Update Support	`kernel-rt-0:4.18.0-305.65.1.rt7.137.el8_4`	RHSA-2022:6991	2022-10-18T00:00:00Z
Red Hat Enterprise Linux 8.4 Extended Update Support	`kernel-0:4.18.0-305.65.1.el8_4`	RHSA-2022:6983	2022-10-18T00:00:00Z
Red Hat Enterprise Linux 9	`kernel-0:5.14.0-162.6.1.el9_1`	RHSA-2022:8267	2022-11-15T00:00:00Z
Red Hat Enterprise Linux 9	`kernel-rt-0:5.14.0-162.6.1.rt21.168.el9_1`	RHSA-2022:7933	2022-11-15T00:00:00Z
Red Hat Enterprise Linux 9	`kernel-0:5.14.0-162.6.1.el9_1`	RHSA-2022:8267	2022-11-15T00:00:00Z
Red Hat Enterprise Linux 9.0 Extended Update Support	`kernel-0:5.14.0-70.36.1.el9_0`	RHSA-2022:8973	2022-12-13T00:00:00Z
Red Hat Enterprise Linux 9.0 Extended Update Support	`kernel-rt-0:5.14.0-70.36.1.rt21.108.el9_0`	RHSA-2022:8974	2022-12-13T00:00:00Z
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8	`kernel-0:4.18.0-372.26.1.el8_6`	RHSA-2022:6460	2022-09-13T00:00:00Z

Package state

Product	Package	State
Red Hat Enterprise Linux 6	`kernel`	Affected
Red Hat Enterprise Linux 6	`microcode_ctl`	Affected
Red Hat Enterprise Linux 7	`microcode_ctl`	Affected
Red Hat Enterprise Linux 8	`microcode_ctl`	Affected
Red Hat Enterprise Linux 9	`microcode_ctl`	Affected

Apply commands

bash fix

Apply RHSA-2022:5939 for Red Hat Enterprise Linux 7

yum update -y kernel-rt
# or:
dnf upgrade -y kernel-rt

Affected

Vendor	Product	Version
redhat	Red Hat Enterprise Linux 6	`Affected`
redhat	Red Hat Enterprise Linux 6	`Affected`
redhat	Red Hat Enterprise Linux 7	`Affected`
redhat	Red Hat Enterprise Linux 8	`Affected`
redhat	Red Hat Enterprise Linux 9	`Affected`

OS impact

SUSE Affected 1 release

Version	Status	Fixed in
—	Affected	—

AlmaLinux Fixed 2 releases

Version	Status	Fixed in
9	Fixed	`kernel-rt-debug-core-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm`
8	Fixed	`kernel-rt-debug-4.18.0-372.26.1.rt7.183.el8_6.x86_64.rpm`

Debian Fixed 5 releases

Version	Status	Fixed in
trixie	Fixed	`3.20220510.1`
sid	Fixed	`3.20220510.1`
forky	Fixed	`3.20220510.1`
bullseye	Fixed	`3.20220510.1~deb11u1`
bookworm	Fixed	`3.20220510.1`

Red Hat Fixed 2 releases

Version	Status	Fixed in
9	Fixed	—
8	Fixed	—

Rocky Linux Fixed 2 releases

Version	Status	Fixed in
9	Fixed	—
8	Fixed	—

References

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.