CVE-2022-2639
medium
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
5.5
Description
Moderate: kernel security, bug fix, and enhancement update
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Mitigation details
Source: Red Hat Errata โ Red Hat Inc. ยท View original โ ยท Open-Errata-API
Description kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() Red Hat statement The `openvswitch` is not supported out of the Layered Products subscriptions (OCP, OSP, RHV). There are no Layered Products based on Red Hat Enterprise Linux 7 at the present time. Therefore, this CVE is not planned to be addressed on Red Hat Enterprise Linux 7. CVSS v3: 7.8โฆ
Description
kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
Red Hat statement
The `openvswitch` is not supported out of the Layered Products subscriptions (OCP, OSP, RHV). There are no Layered Products based on Red Hat Enterprise Linux 7 at the present time. Therefore, this CVE is not planned to be addressed on Red Hat Enterprise Linux 7.
CVSS v3: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Enterprise Linux 8 | kernel-rt-0:4.18.0-425.3.1.rt7.213.el8 | RHSA-2022:7444 | 2022-11-08T00:00:00Z |
| Red Hat Enterprise Linux 8 | kernel-0:4.18.0-425.3.1.el8 | RHSA-2022:7683 | 2022-11-08T00:00:00Z |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | kernel-0:4.18.0-147.78.1.el8_1 | RHSA-2023:0058 | 2023-01-10T00:00:00Z |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | kpatch-patch | RHSA-2023:0059 | 2023-01-10T00:00:00Z |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | kernel-0:4.18.0-193.95.1.el8_2 | RHSA-2022:8940 | 2022-12-13T00:00:00Z |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | kernel-rt-0:4.18.0-193.95.1.rt13.146.el8_2 | RHSA-2022:8941 | 2022-12-13T00:00:00Z |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | kernel-0:4.18.0-193.95.1.el8_2 | RHSA-2022:8940 | 2022-12-13T00:00:00Z |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | kernel-0:4.18.0-193.95.1.el8_2 | RHSA-2022:8940 | 2022-12-13T00:00:00Z |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | kpatch-patch | RHSA-2022:8989 | 2022-12-13T00:00:00Z |
| Red Hat Enterprise Linux 8.4 Extended Update Support | kernel-rt-0:4.18.0-305.72.1.rt7.144.el8_4 | RHSA-2022:8765 | 2022-12-02T00:00:00Z |
| Red Hat Enterprise Linux 8.4 Extended Update Support | kernel-0:4.18.0-305.72.1.el8_4 | RHSA-2022:8767 | 2022-12-02T00:00:00Z |
| Red Hat Enterprise Linux 8.4 Extended Update Support | kpatch-patch | RHSA-2022:8768 | 2022-12-02T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Extended Update Support | kernel-0:4.18.0-372.36.1.el8_6 | RHSA-2022:8809 | 2022-12-06T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Extended Update Support | kpatch-patch | RHSA-2022:8831 | 2022-12-06T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-0:5.14.0-162.6.1.el9_1 | RHSA-2022:8267 | 2022-11-15T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-rt-0:5.14.0-162.6.1.rt21.168.el9_1 | RHSA-2022:7933 | 2022-11-15T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-0:5.14.0-162.6.1.el9_1 | RHSA-2022:8267 | 2022-11-15T00:00:00Z |
| Red Hat Enterprise Linux 9.0 Extended Update Support | kernel-0:5.14.0-70.36.1.el9_0 | RHSA-2022:8973 | 2022-12-13T00:00:00Z |
| Red Hat Enterprise Linux 9.0 Extended Update Support | kernel-rt-0:5.14.0-70.36.1.rt21.108.el9_0 | RHSA-2022:8974 | 2022-12-13T00:00:00Z |
| Red Hat Enterprise Linux 9.0 Extended Update Support | kpatch-patch | RHSA-2022:9082 | 2022-12-15T00:00:00Z |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | kernel-0:4.18.0-372.36.1.el8_6 | RHSA-2022:8809 | 2022-12-06T00:00:00Z |
Package state
| Product | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected |
| Red Hat Enterprise Linux 7 | kernel | Will not fix |
| Red Hat Enterprise Linux 7 | kernel-rt | Will not fix |
Apply commands
Apply RHSA-2022:7444 for Red Hat Enterprise Linux 8
yum update -y kernel-rt
# or:
dnf upgrade -y kernel-rtAffected
| Vendor | Product | Version |
|---|---|---|
| redhat | Red Hat Enterprise Linux 6 | Not affected |
OS impact
SUSE Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| โ | Affected | โ |
AlmaLinux Fixed 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | kernel-rt-debug-core-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm |
| 8 | Fixed | kernel-doc-4.18.0-425.3.1.el8.noarch.rpm |
Debian Fixed 5 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 5.17.6-1 |
| sid | Fixed | 5.17.6-1 |
| forky | Fixed | 5.17.6-1 |
| bullseye | Fixed | 5.10.113-1 |
| bookworm | Fixed | 5.17.6-1 |
Red Hat Fixed 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | โ |
| 8 | Fixed | โ |
Rocky Linux Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 8 | Fixed | โ |
References
- https://access.redhat.com/errata/RHSA-2022:7933
- https://bugzilla.redhat.com/1980646
- https://bugzilla.redhat.com/2037386
- https://bugzilla.redhat.com/2051444
- https://bugzilla.redhat.com/2052312
- https://bugzilla.redhat.com/2053632
- https://bugzilla.redhat.com/2058395
- https://bugzilla.redhat.com/2059928
- https://bugzilla.redhat.com/2066614
- https://bugzilla.redhat.com/2066706
- https://bugzilla.redhat.com/2066819
- https://bugzilla.redhat.com/2070205
- https://bugzilla.redhat.com/2071022
- https://bugzilla.redhat.com/2073064
- https://bugzilla.redhat.com/2074208
- https://bugzilla.redhat.com/2084125
- https://bugzilla.redhat.com/2084183
- https://bugzilla.redhat.com/2084479
- https://bugzilla.redhat.com/2088021
- https://bugzilla.redhat.com/2089815
- https://bugzilla.redhat.com/2090226
- https://bugzilla.redhat.com/2090237
- https://bugzilla.redhat.com/2090240
- https://bugzilla.redhat.com/2090241
- https://bugzilla.redhat.com/2103148
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.