CVE-2022-28893
Description
Moderate: kernel security, bug fix, and enhancement update
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Mitigation details
Description kernel: use after free in SUNRPC subsystem Red Hat statement This flaw can be mitigated by preventing the affected SUNRPC driver (sunrpc) kernel module from loading during the boot time, ensuring the module is added to the blacklist file. ~~~ Refer: How do I blacklist a kernel module to prevent it from loading automatically? https://access.redhat.com/solutions/41278 ~~~ CVSS v3: 6.6โฆ
Description
kernel: use after free in SUNRPC subsystem
Red Hat statement
This flaw can be mitigated by preventing the affected SUNRPC driver (sunrpc) kernel module from loading during the boot time, ensuring the module is added to the blacklist file. ~~~ Refer: How do I blacklist a kernel module to prevent it from loading automatically? https://access.redhat.com/solutions/41278 ~~~
CVSS v3: 6.6 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H)
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Enterprise Linux 8 | kernel-rt-0:4.18.0-425.3.1.rt7.213.el8 | RHSA-2022:7444 | 2022-11-08T00:00:00Z |
| Red Hat Enterprise Linux 8 | kernel-0:4.18.0-425.3.1.el8 | RHSA-2022:7683 | 2022-11-08T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Extended Update Support | kernel-0:4.18.0-372.91.1.el8_6 | RHSA-2024:0724 | 2024-02-07T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-0:5.14.0-162.6.1.el9_1 | RHSA-2022:8267 | 2022-11-15T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-rt-0:5.14.0-162.6.1.rt21.168.el9_1 | RHSA-2022:7933 | 2022-11-15T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-0:5.14.0-162.6.1.el9_1 | RHSA-2022:8267 | 2022-11-15T00:00:00Z |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | kernel-0:4.18.0-372.91.1.el8_6 | RHSA-2024:0724 | 2024-02-07T00:00:00Z |
Package state
| Product | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Out of support scope |
| Red Hat Enterprise Linux 7 | kernel | Out of support scope |
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope |
Apply commands
yum update -y kernel-rt
# or:
dnf upgrade -y kernel-rtOS impact
SUSE Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| โ | Affected | โ |
AlmaLinux Fixed 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | kernel-rt-debug-core-5.14.0-162.6.1.rt21.168.el9_1.x86_64.rpm |
| 8 | Fixed | kernel-doc-4.18.0-425.3.1.el8.noarch.rpm |
Debian Fixed 5 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 5.17.3-1 |
| sid | Fixed | 5.17.3-1 |
| forky | Fixed | 5.17.3-1 |
| bullseye | Fixed | 5.10.120-1 |
| bookworm | Fixed | 5.17.3-1 |
Red Hat Fixed 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | โ |
| 8 | Fixed | โ |
Rocky Linux Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 8 | Fixed | โ |
References
- https://access.redhat.com/errata/RHSA-2022:7933
- https://bugzilla.redhat.com/1980646
- https://bugzilla.redhat.com/2037386
- https://bugzilla.redhat.com/2051444
- https://bugzilla.redhat.com/2052312
- https://bugzilla.redhat.com/2053632
- https://bugzilla.redhat.com/2058395
- https://bugzilla.redhat.com/2059928
- https://bugzilla.redhat.com/2066614
- https://bugzilla.redhat.com/2066706
- https://bugzilla.redhat.com/2066819
- https://bugzilla.redhat.com/2070205
- https://bugzilla.redhat.com/2071022
- https://bugzilla.redhat.com/2073064
- https://bugzilla.redhat.com/2074208
- https://bugzilla.redhat.com/2084125
- https://bugzilla.redhat.com/2084183
- https://bugzilla.redhat.com/2084479
- https://bugzilla.redhat.com/2088021
- https://bugzilla.redhat.com/2089815
- https://bugzilla.redhat.com/2090226
- https://bugzilla.redhat.com/2090237
- https://bugzilla.redhat.com/2090240
- https://bugzilla.redhat.com/2090241
- https://bugzilla.redhat.com/2103148
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.