RHSA-2023:4256: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation.
  • CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user (with CAP_NET_ADMIN capability) could use this flaw to crash the system or potentially escalate their privileges on the system.
Red Hat Security Data

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation (CVE-2023-1281)
  • kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation (CVE-2023-32233)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • s390/qeth: cache link_info for ethtool (BZ#2174365)
  • RHEL8.4 - kernel: fix __clear_user() inline assembly constraints (BZ#2192605)
  • ice: ptp4l cpu usage spikes (BZ#2203288)
  • 40%~70% block performance regression for localfs backend write between kernel-4.18.0-235.el8.x86_64 and kernel-4.18.0-277.el8.x86_64 (BZ#2204516)
  • Invalid character detected by rpminspect in Documentation/translations/zh_CN/process/magic-number.rst (BZ#2208287)
  • simultaneous writes to a page on xfs can result in zero-byte data (BZ#2208413)
  • Windows Server 2019 guest randomly pauses with “KVM: entry failed, hardware error 0x80000021” [rhel8.8GA] (BZ#2211662)
  • [Marvell 8.7 Bug] qedi shutdown handler hangs upon reboot (BZ#2215333)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.
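
One way to confirm that a host has both installed and booted the fixed build, as an added example that is not part of the advisory or Red Hat's tooling. The helper names kernel_status and host_state are hypothetical, the sample release strings are constructed, and the comparison only covers RHEL 8.4 z-stream builds named 4.18.0-305.<a>.<b>.el8_4.

```shell
#!/bin/sh
# Fixed build from this advisory: kernel-4.18.0-305.97.1.el8_4
# -> z-stream numbers 97 and 1 after the 4.18.0-305 base.
FIXED_A=97
FIXED_B=1

# kernel_status RELEASE   (hypothetical helper)
# RELEASE is a `uname -r` style string. Prints one of:
#   patched       at or above the fixed build
#   vulnerable    an 8.4 z-stream build older than the fixed build
#   other-stream  not a 4.18.0-305.<a>.<b>.el8_4 build; this advisory's
#                 version number cannot be compared against it
kernel_status() {
    rel=${1%+debug}          # kernel-debug builds append "+debug"
    rel=${rel%.x86_64}       # strip the two architectures
    rel=${rel%.ppc64le}      # covered by this advisory
    case $rel in
        4.18.0-305.*.el8_4) ;;
        *) echo other-stream; return 0 ;;
    esac
    z=${rel#4.18.0-305.}
    z=${z%.el8_4}            # e.g. "97.1"
    case $z in
        *.*) ;;
        *) echo other-stream; return 0 ;;
    esac
    a=${z%%.*}
    b=${z#*.}
    # Reject anything that is not exactly two decimal fields.
    case $a in ''|*[!0-9]*) echo other-stream; return 0 ;; esac
    case $b in ''|*[!0-9]*) echo other-stream; return 0 ;; esac
    if [ "$a" -gt "$FIXED_A" ] ||
       { [ "$a" -eq "$FIXED_A" ] && [ "$b" -ge "$FIXED_B" ]; }; then
        echo patched
    else
        echo vulnerable
    fi
}

# host_state RUNNING INSTALLED...   (hypothetical helper)
# RUNNING is the booted kernel; INSTALLED are the kernels present on disk.
# Separates "update not applied" from "update applied but not rebooted",
# since the fix only takes effect after a reboot.
host_state() {
    running=$1
    shift
    state=$(kernel_status "$running")
    if [ "$state" != vulnerable ]; then
        echo "$state"
        return 0
    fi
    for k in "$@"; do
        if [ "$(kernel_status "$k")" = patched ]; then
            echo reboot-required
            return 0
        fi
    done
    echo update-required
}

# Constructed sample: fixed kernel installed, older build still running.
host_state "4.18.0-305.88.1.el8_4.x86_64" \
    "4.18.0-305.88.1.el8_4.x86_64" \
    "4.18.0-305.97.1.el8_4.x86_64"

# On a real host the inputs would come from:
#   host_state "$(uname -r)" \
#       $(rpm -q --qf '%{VERSION}-%{RELEASE}.%{ARCH}\n' kernel-core)
```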

Affected Products

  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64

Fixes

  • BZ - 2181847 - CVE-2023-1281 kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation
  • BZ - 2196105 - CVE-2023-32233 kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation

Red Hat Enterprise Linux Server - AUS 8.4

SRPM

kernel-4.18.0-305.97.1.el8_4.src.rpm

Red Hat Enterprise Linux Server - TUS 8.4

SRPM

kernel-4.18.0-305.97.1.el8_4.src.rpm

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4

SRPM

kernel-4.18.0-305.97.1.el8_4.src.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4

SRPM

kernel-4.18.0-305.97.1.el8_4.src.rpm

Related news

CVE-2023-45085: Releases - HyperCloud Docs

An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process.  In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.

Red Hat Security Advisory 2023-5621-01

Red Hat Security Advisory 2023-5621-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2023:5419: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-20593: A flaw was found in hw, in “Zen 2” CPUs. This issue may allow an attacker to access sensitive information under specific microarchitectural circumstances. * CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configurat...

Red Hat Security Advisory 2023-4699-01

Red Hat Security Advisory 2023-4699-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.

CVE-2023-33953: Security Bulletins

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so ...

Red Hat Security Advisory 2023-4531-01

Red Hat Security Advisory 2023-4531-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2023:4541: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code leaking kernel memory via Blue...

Red Hat Security Advisory 2023-4145-01

Red Hat Security Advisory 2023-4145-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-4130-01

Red Hat Security Advisory 2023-4130-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2023:4145: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation. * CVE-2023-32233: A use-after-fr...

RHSA-2023:3853: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation. * CVE-2023-32233: A us...

RHSA-2023:3852: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation. * CVE-2023-32233: A use-afte...

RHSA-2023:3853: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation. * CVE-2023-32233: A us...

Ubuntu Security Notice USN-6149-1

Ubuntu Security Notice 6149-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

RHSA-2023:3470: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-2008: A flaw was found in the Linux kernel's udm...

Red Hat Security Advisory 2023-3349-01

Red Hat Security Advisory 2023-3349-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Ubuntu Security Notice USN-6130-1

Ubuntu Security Notice 6130-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6127-1

Ubuntu Security Notice 6127-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6124-1

Ubuntu Security Notice 6124-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service.

Ubuntu Security Notice USN-6123-1

Ubuntu Security Notice 6123-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service.

RHSA-2023:3351: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user (with CAP_NET_ADMIN capability) could use this flaw to crash the system or potentially...

Debian Security Advisory 5402-1

Debian Linux Security Advisory 5402-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

Ubuntu Security Notice USN-6031-1

Ubuntu Security Notice 6031-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Integrity Measurement Architecture implementation in the Linux kernel did not properly enforce policy in certain conditions. A privileged attacker could use this to bypass Kernel lockdown restrictions.

Ubuntu Security Notice USN-6030-1

Ubuntu Security Notice 6030-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6027-1

Ubuntu Security Notice 6027-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6024-1

Ubuntu Security Notice 6024-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Lin Ma discovered a race condition in the io_uring subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6025-1

Ubuntu Security Notice 6025-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.