Headline
RHSA-2023:4817: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-2124: An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
- CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in
__ip_options_echo
and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation. - CVE-2023-35788: A flaw was found in the TC flower classifier (cls_flower) in the Networking subsystem of the Linux kernel. This issue occurs when sending two TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets with a total size of 252 bytes, which results in an out-of-bounds write when the third packet enters fl_set_geneve_opt, potentially leading to a denial of service or privilege escalation.
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Quarkus
Integration and Automation
All Products
发布:
2023-08-29
已更新:
2023-08-29
RHSA-2023:4817 - Security Advisory
- 概述
- 更新的软件包
概述
Important: kernel-rt security and bug fix update
类型/严重性
Security Advisory: Important
Red Hat Insights 补丁分析
标题
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
描述
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090)
- kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() (CVE-2023-35788)
- kernel: OOB access in the Linux kernel’s XFS subsystem (CVE-2023-2124)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- kernel-rt: update RT source tree to the RHEL-8.2.z28 source tree (BZ#2228917)
解决方案
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
受影响的产品
- Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.2 x86_64
- Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.2 x86_64
修复
- BZ - 2187439 - CVE-2023-2124 kernel: OOB access in the Linux kernel’s XFS subsystem
- BZ - 2215768 - CVE-2023-35788 kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()
- BZ - 2218672 - CVE-2023-3090 kernel: ipvlan: out-of-bounds write caused by unclear skb->cb
CVE
- CVE-2023-2124
- CVE-2023-3090
- CVE-2023-35788
参考
- https://access.redhat.com/security/updates/classification/#important
Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.2
SRPM
kernel-rt-4.18.0-193.113.1.rt13.164.el8_2.src.rpm
SHA-256: 9158be93ea634526d0f9f13f4990f8ff118675e41ed050cddbc10ea33a5f9395
x86_64
kernel-rt-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 1dd849365e90781a9fb75205d50c2968f9f995533da74e0633c1bdc9e2ff756a
kernel-rt-core-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: c5ea54bed61092c5a24281176587b7fc38df0dd21c3beb170e0b6ef0d75955b5
kernel-rt-debug-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 8d7f527453ad10df03f1d6720652d183ea88eaf4d0a15a18e593ab32d1aaaaae
kernel-rt-debug-core-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: f1fe31d77198a0573ee95ff3f62595d179cfcf65262bc0f1dfa8d449c39ac915
kernel-rt-debug-debuginfo-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: c9363f5caa9020fc37aeecf074f1c6cbfc415f43ed030560e1b62d2373dd9a95
kernel-rt-debug-devel-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 60759296f29bf564cff0293599ee03a312648d313eb4056f3a8332798aa5fa5a
kernel-rt-debug-modules-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: a0b73483febc834daf00fcc1f158297f5f670562092bbbc3985611d1a61b3411
kernel-rt-debug-modules-extra-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: ffd3b8c5e561747b4ee34504b8c3508b5e29a53d66660888140fd75428782b76
kernel-rt-debuginfo-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: fcd7acb8e469a7ec57eb4310aef4a107556073dfc2d9dd4c99ee215925b9e54a
kernel-rt-debuginfo-common-x86_64-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 9ef24258253e25669666ded6ae56c2d664972386213c01e9bbfc15995bda3df2
kernel-rt-devel-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 4508410db20456d9a0cde9d61723075de093cde40580a734fd44ac252c7f9e2b
kernel-rt-modules-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 79261f5c2376213c39885113899f9a444c16164f67bfe4ce16961bc41807c0ee
kernel-rt-modules-extra-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 6897fd19a0bb3e11fde613e7cbb16fa08e3059a7c5fc5f5b1e48a1e55399b796
Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.2
SRPM
kernel-rt-4.18.0-193.113.1.rt13.164.el8_2.src.rpm
SHA-256: 9158be93ea634526d0f9f13f4990f8ff118675e41ed050cddbc10ea33a5f9395
x86_64
kernel-rt-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 1dd849365e90781a9fb75205d50c2968f9f995533da74e0633c1bdc9e2ff756a
kernel-rt-core-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: c5ea54bed61092c5a24281176587b7fc38df0dd21c3beb170e0b6ef0d75955b5
kernel-rt-debug-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 8d7f527453ad10df03f1d6720652d183ea88eaf4d0a15a18e593ab32d1aaaaae
kernel-rt-debug-core-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: f1fe31d77198a0573ee95ff3f62595d179cfcf65262bc0f1dfa8d449c39ac915
kernel-rt-debug-debuginfo-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: c9363f5caa9020fc37aeecf074f1c6cbfc415f43ed030560e1b62d2373dd9a95
kernel-rt-debug-devel-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 60759296f29bf564cff0293599ee03a312648d313eb4056f3a8332798aa5fa5a
kernel-rt-debug-kvm-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 10a18f52ea92a04975211dae650c8394a5f0f93255f68e1d24582f3e6fe1a51e
kernel-rt-debug-modules-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: a0b73483febc834daf00fcc1f158297f5f670562092bbbc3985611d1a61b3411
kernel-rt-debug-modules-extra-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: ffd3b8c5e561747b4ee34504b8c3508b5e29a53d66660888140fd75428782b76
kernel-rt-debuginfo-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: fcd7acb8e469a7ec57eb4310aef4a107556073dfc2d9dd4c99ee215925b9e54a
kernel-rt-debuginfo-common-x86_64-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 9ef24258253e25669666ded6ae56c2d664972386213c01e9bbfc15995bda3df2
kernel-rt-devel-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 4508410db20456d9a0cde9d61723075de093cde40580a734fd44ac252c7f9e2b
kernel-rt-kvm-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 7cb34019bd12661a7a8351ca918aaf83a6d8399b6fc75b884255c71e6231138a
kernel-rt-modules-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 79261f5c2376213c39885113899f9a444c16164f67bfe4ce16961bc41807c0ee
kernel-rt-modules-extra-4.18.0-193.113.1.rt13.164.el8_2.x86_64.rpm
SHA-256: 6897fd19a0bb3e11fde613e7cbb16fa08e3059a7c5fc5f5b1e48a1e55399b796
Red Hat 安全团队联络方式为 [email protected]。 更多联络细节请参考 https://access.redhat.com/security/team/contact/。
Related news
Red Hat Security Advisory 2023-5627-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, null pointer, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5575-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-4128: A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue. * CVE-2023-31248: A use-af...
Red Hat Security Advisory 2023-5244-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, out of bounds write, and use-after-free vulnerabilities.
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. 'Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2002: A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. * CVE-2023-3090: A flaw was found...
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation. * CVE-2023-3390: A use-after-free f...
Red Hat Security Advisory 2023-4961-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4962-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, which can later lead to double freeing the structure. This flaw allows a local attacker to cause a use-after-free problem, leading to privileg...
Ubuntu Security Notice 6331-1 - It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service. Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl in some situations. A local attacker could possibly use this to cause a denial of service.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code l...
Ubuntu Security Notice 6312-1 - It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service. Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl in some situations. A local attacker could possibly use this to cause a denial of service.
Red Hat Security Advisory 2023-4828-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
Red Hat Security Advisory 2023-4817-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access and out of bounds write vulnerabilities.
Red Hat Security Advisory 2023-4817-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access and out of bounds write vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2124: An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user...
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-35788: A flaw was found in the TC flower classifier (cls_flower) in the Networking subsystem of the Linux kernel. This issue occurs when sending two TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets with a total size of 252 bytes, which results in an out-of-bounds write when the third packet enters fl_set_geneve_opt, potentially leading to a denial of servic...
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation.
An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-35788: A flaw was found in the TC flower classifier (cls_flower) in the Networking subsystem of the Linux kernel. This issue occurs when sending two TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets with a total ...
Ubuntu Security Notice 6284-1 - It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service. Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl in some situations. A local attacker could possibly use this to cause a denial of service.
Red Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.
Red Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.
Red Hat Security Advisory 2023-4541-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code leaking kernel memory via Blue...
An update for kpatch-patch-4_18_0-147_78_1, kpatch-patch-4_18_0-147_80_1, kpatch-patch-4_18_0-147_81_1, kpatch-patch-4_18_0-147_83_1, and kpatch-patch-4_18_0-147_85_1 is now available for Red Hat Enterprise Linux 8.1. Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, w...
An update for kpatch-patch-4_18_0-147_78_1, kpatch-patch-4_18_0-147_80_1, kpatch-patch-4_18_0-147_81_1, kpatch-patch-4_18_0-147_83_1, and kpatch-patch-4_18_0-147_85_1 is now available for Red Hat Enterprise Linux 8.1. Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, w...
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation. * CVE-2023-35788: A flaw was found ...
Ubuntu Security Notice 6261-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.
Ubuntu Security Notice 6260-1 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.
Ubuntu Security Notice 6255-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
Red Hat Security Advisory 2023-4137-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access and use-after-free vulnerabilities.
Ubuntu Security Notice 6228-1 - It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service. Wei Chen discovered that the InfiniBand RDMA communication manager implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 6224-1 - It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service. Wei Chen discovered that the InfiniBand RDMA communication manager implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 6220-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information or possibly cause undesired behaviors.
Ubuntu Security Notice 6212-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information or possibly cause undesired behaviors.
Ubuntu Security Notice 6206-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NTFS file system implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 6192-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Xingyuan Mo and Gengjia Chen discovered that the io_uring subsystem in the Linux kernel did not properly handle locking when IOPOLL mode is being used. A local attacker could use this to cause a denial of service.
Red Hat Security Advisory 2023-3723-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-3708-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.
An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.