RHSA-2023:4125: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system.
  • CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation.
  • CVE-2023-1390: A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs that are not in the queue. Sending two small UDP packets to a system with a UDP bearer causes the system's CPU utilization to instantly spike to 100%, resulting in a denial of service condition.
  • CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user (with CAP_NET_ADMIN capability) could use this flaw to crash the system or potentially escalate their privileges on the system.
Red Hat Security Data

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)
  • kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation (CVE-2023-1281)
  • kernel: remote DoS in TIPC kernel module (CVE-2023-1390)
  • kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation (CVE-2023-32233)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • RHEL8.1 Snapshot3 - PVT:940:virt:4TB:LPM operation failed by returning HSCLA2CF, HSCL365C SRC’s - Linux partition suspend timeout (-> documentation/Linux Alert through LTC bug 182549) (BZ#2151218)
  • i40e: Set RX_ONLY mode for unicast promiscuous on VLAN (BZ#2171382)
  • Invalid character detected by rpminspect in Documentation/translations/zh_CN/process/magic-number.rst (BZ#2208288)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.
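
A check for the reboot requirement stated above, as an added example that is not part of Red Hat's advisory: it classifies a host as patched, reboot-required, update-required or not-applicable by comparing the running and installed kernel builds with the fixed build 4.18.0-193.109.1.el8_2 from this advisory's package list. The function names are hypothetical, `sort -V` is assumed to be a good enough stand-in for RPM version ordering within the el8_2 stream, and every version string other than the fixed build is constructed sample input.

```shell
#!/bin/sh
# Added example, not Red Hat's tooling. Function names are hypothetical.
# Caveat: a host protected by a kpatch live patch keeps its old kernel
# version string, so this check does not account for live patches.

# Fixed build, taken from the package names listed in this advisory.
FIXED_KERNEL="4.18.0-193.109.1.el8_2"

# strip_arch VERSION: drop a trailing architecture suffix, as printed by
# `uname -r` (for example ".x86_64" or ".ppc64le").
strip_arch() {
    printf '%s\n' "$1" | sed -E 's/\.(x86_64|ppc64le|noarch)$//'
}

# version_ge A B: succeed when A is the same as or newer than B.
# Assumption: `sort -V` ordering matches RPM ordering for builds of the
# same stream (4.18.0-193.N.M.el8_2); it is not a full rpmvercmp.
version_ge() {
    [ "$1" = "$2" ] && return 0
    newest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)
    [ "$newest" = "$1" ]
}

# in_stream VERSION: succeed only for RHEL 8.2 stream builds, the only
# stream this advisory covers.
in_stream() {
    case "$1" in
        *.el8_2) return 0 ;;
        *) return 1 ;;
    esac
}

# kernel_status RUNNING INSTALLED
#   RUNNING   - output of `uname -r`
#   INSTALLED - whitespace-separated VERSION-RELEASE strings of installed
#               kernel packages
# Prints: patched | reboot-required | update-required | not-applicable
kernel_status() {
    running=$(strip_arch "$1")
    installed=$2

    if ! in_stream "$running"; then
        echo "not-applicable"
        return 0
    fi
    if version_ge "$running" "$FIXED_KERNEL"; then
        echo "patched"
        return 0
    fi
    # The running kernel predates the fix. If a fixed build is already on
    # disk, only the reboot is missing.
    for v in $installed; do
        v=$(strip_arch "$v")
        in_stream "$v" || continue
        if version_ge "$v" "$FIXED_KERNEL"; then
            echo "reboot-required"
            return 0
        fi
    done
    echo "update-required"
}

# On a real RHEL 8.2 host the inputs would come from:
#   kernel_status "$(uname -r)" \
#       "$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel-core)"

# Constructed sample inputs so the script runs offline.
echo "updated, not rebooted: $(kernel_status \
    4.18.0-193.105.1.el8_2.x86_64 \
    '4.18.0-193.105.1.el8_2 4.18.0-193.109.1.el8_2')"
echo "updated and rebooted:  $(kernel_status \
    4.18.0-193.109.1.el8_2.x86_64 \
    '4.18.0-193.105.1.el8_2 4.18.0-193.109.1.el8_2')"
echo "update not installed:  $(kernel_status \
    4.18.0-193.105.1.el8_2.ppc64le \
    '4.18.0-193.105.1.el8_2')"
```

A result of reboot-required means the fixed package is on disk while the vulnerable kernel is still the one executing.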

Affected Products

  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64

Fixes

  • BZ - 2176192 - CVE-2023-0461 kernel: net/ulp: use-after-free in listening ULP sockets
  • BZ - 2178212 - CVE-2023-1390 kernel: remote DoS in TIPC kernel module
  • BZ - 2181847 - CVE-2023-1281 kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation
  • BZ - 2196105 - CVE-2023-32233 kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation

CVEs

  • CVE-2023-0461
  • CVE-2023-1281
  • CVE-2023-1390
  • CVE-2023-32233

Red Hat Enterprise Linux Server - AUS 8.2

SRPM

kernel-4.18.0-193.109.1.el8_2.src.rpm

Red Hat Enterprise Linux Server - TUS 8.2

SRPM

kernel-4.18.0-193.109.1.el8_2.src.rpm

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2

SRPM

kernel-4.18.0-193.109.1.el8_2.src.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2

SRPM

kernel-4.18.0-193.109.1.el8_2.src.rpm


Related news

CVE-2023-45085: Releases - HyperCloud Docs

An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process.  In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.

Red Hat Security Advisory 2023-5621-01

Red Hat Security Advisory 2023-5621-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2023:5419: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-20593: A flaw was found in hw, in “Zen 2” CPUs. This issue may allow an attacker to access sensitive information under specific microarchitectural circumstances. * CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configurat...

Red Hat Security Advisory 2023-4699-01

Red Hat Security Advisory 2023-4699-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.

CVE-2023-33953: Security Bulletins

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so ...

Red Hat Security Advisory 2023-4531-01

Red Hat Security Advisory 2023-4531-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2023:4541: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code leaking kernel memory via Blue...

RHSA-2023:4255: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traver...

Red Hat Security Advisory 2023-4145-01

Red Hat Security Advisory 2023-4145-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-4146-01

Red Hat Security Advisory 2023-4146-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include denial of service, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-4126-01

Red Hat Security Advisory 2023-4126-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-4125-01

Red Hat Security Advisory 2023-4125-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, privilege escalation, and use-after-free vulnerabilities.

RHSA-2023:4146: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch-4_18_0-193_100_1, kpatch-patch-4_18_0-193_105_1, kpatch-patch-4_18_0-193_95_1, and kpatch-patch-4_18_0-193_98_1 is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user...

RHSA-2023:4145: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation. * CVE-2023-32233: A use-after-fr...

RHSA-2023:4126: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-1281: A use-after-free vulnerability w...

Red Hat Security Advisory 2023-3853-01

Red Hat Security Advisory 2023-3853-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-3853-01

Red Hat Security Advisory 2023-3853-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2023:3853: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation. * CVE-2023-32233: A us...

RHSA-2023:3853: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation. * CVE-2023-32233: A us...

Kernel Live Patch Security Notice LSN-0095-1

It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy-up operations in some conditions. A local attacker could possibly use this to gain elevated privileges. It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that, when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.

Ubuntu Security Notice USN-6150-1

Ubuntu Security Notice 6150-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

RHSA-2023:3490: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-2008: A flaw was found in the Linux kernel's ...

Red Hat Security Advisory 2023-3351-01

Red Hat Security Advisory 2023-3351-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-3349-01

Red Hat Security Advisory 2023-3349-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Ubuntu Security Notice USN-6134-1

Ubuntu Security Notice 6134-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6124-1

Ubuntu Security Notice 6124-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service.

Ubuntu Security Notice USN-6122-1

Ubuntu Security Notice 6122-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service.

RHSA-2023:3350: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user (with CAP_NET_ADMIN capability) could use this flaw to crash the system or potentially es...

Ubuntu Security Notice USN-6093-1

Ubuntu Security Notice 6093-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2023-3191-01

Red Hat Security Advisory 2023-3191-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include denial of service and use-after-free vulnerabilities.

RHSA-2023:3190: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-1390: A remote denial of service vulnerab...

RHSA-2023:3191: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-1390: A remote denial of service vu...

Ubuntu Security Notice USN-6057-1

Ubuntu Security Notice 6057-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy-up operations in some conditions. A local attacker could possibly use this to gain elevated privileges.

Ubuntu Security Notice USN-6045-1

Ubuntu Security Notice 6045-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Gwangun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6040-1

Ubuntu Security Notice 6040-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy-up operations in some conditions. A local attacker could possibly use this to gain elevated privileges.

Red Hat Security Advisory 2023-1923-01

Red Hat Security Advisory 2023-1923-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

RHSA-2023:1923: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Ubuntu Security Notice USN-6031-1

Ubuntu Security Notice 6031-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Integrity Measurement Architecture implementation in the Linux kernel did not properly enforce policy in certain conditions. A privileged attacker could use this to bypass Kernel lockdown restrictions.

Ubuntu Security Notice USN-6025-1

Ubuntu Security Notice 6025-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy-up operations in some conditions. A local attacker could possibly use this to gain elevated privileges.

Red Hat Security Advisory 2023-1557-01

Red Hat Security Advisory 2023-1557-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

RHSA-2023:1557: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0266: A use-after-free flaw was found in the ALSA subsystem in sound/core/control.c in the Linux kernel. This flaw allows a local attacker to cause a use-after-free issue. * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) o...

Ubuntu Security Notice USN-5978-1

Ubuntu Security Notice 5978-1 - It was discovered that the network queuing discipline implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs.

Ubuntu Security Notice USN-5976-1

Ubuntu Security Notice 5976-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs.

Ubuntu Security Notice USN-5962-1

Ubuntu Security Notice 5962-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

CVE-2023-1390: tipc: fix NULL deref in tipc_link_xmit() · torvalds/linux@b774134

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer causes the system's CPU utilization to instantly spike to 100%, resulting in a denial of service condition.

Ubuntu Security Notice USN-5938-1

Ubuntu Security Notice 5938-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5927-1

Ubuntu Security Notice 5927-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-5924-1

Ubuntu Security Notice 5924-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-5917-1

Ubuntu Security Notice 5917-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code.