RHSA-2023:0396: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device.
Red Hat Security Data

Issued: 2023-01-24

Updated: 2023-01-24

RHSA-2023:0396 - Security Advisory

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

  • kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64

Fixes

  • BZ - 2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device.

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2

SRPM

kpatch-patch-4_18_0-193_87_1-1-3.el8_2.src.rpm

kpatch-patch-4_18_0-193_90_1-1-3.el8_2.src.rpm

kpatch-patch-4_18_0-193_91_1-1-3.el8_2.src.rpm

kpatch-patch-4_18_0-193_93_1-1-2.el8_2.src.rpm

kpatch-patch-4_18_0-193_95_1-1-1.el8_2.src.rpm

ppc64le

kpatch-patch-4_18_0-193_87_1-1-3.el8_2.ppc64le.rpm

kpatch-patch-4_18_0-193_87_1-debuginfo-1-3.el8_2.ppc64le.rpm

kpatch-patch-4_18_0-193_87_1-debugsource-1-3.el8_2.ppc64le.rpm

kpatch-patch-4_18_0-193_90_1-1-3.el8_2.ppc64le.rpm

kpatch-patch-4_18_0-193_90_1-debuginfo-1-3.el8_2.ppc64le.rpm

kpatch-patch-4_18_0-193_90_1-debugsource-1-3.el8_2.ppc64le.rpm

kpatch-patch-4_18_0-193_91_1-1-3.el8_2.ppc64le.rpm

kpatch-patch-4_18_0-193_91_1-debuginfo-1-3.el8_2.ppc64le.rpm

kpatch-patch-4_18_0-193_91_1-debugsource-1-3.el8_2.ppc64le.rpm

kpatch-patch-4_18_0-193_93_1-1-2.el8_2.ppc64le.rpm

kpatch-patch-4_18_0-193_93_1-debuginfo-1-2.el8_2.ppc64le.rpm

kpatch-patch-4_18_0-193_93_1-debugsource-1-2.el8_2.ppc64le.rpm

kpatch-patch-4_18_0-193_95_1-1-1.el8_2.ppc64le.rpm

kpatch-patch-4_18_0-193_95_1-debuginfo-1-1.el8_2.ppc64le.rpm

kpatch-patch-4_18_0-193_95_1-debugsource-1-1.el8_2.ppc64le.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2

SRPM

kpatch-patch-4_18_0-193_87_1-1-3.el8_2.src.rpm

kpatch-patch-4_18_0-193_90_1-1-3.el8_2.src.rpm

kpatch-patch-4_18_0-193_91_1-1-3.el8_2.src.rpm

kpatch-patch-4_18_0-193_93_1-1-2.el8_2.src.rpm

kpatch-patch-4_18_0-193_95_1-1-1.el8_2.src.rpm

x86_64

kpatch-patch-4_18_0-193_87_1-1-3.el8_2.x86_64.rpm

kpatch-patch-4_18_0-193_87_1-debuginfo-1-3.el8_2.x86_64.rpm

kpatch-patch-4_18_0-193_87_1-debugsource-1-3.el8_2.x86_64.rpm

kpatch-patch-4_18_0-193_90_1-1-3.el8_2.x86_64.rpm

kpatch-patch-4_18_0-193_90_1-debuginfo-1-3.el8_2.x86_64.rpm

kpatch-patch-4_18_0-193_90_1-debugsource-1-3.el8_2.x86_64.rpm

kpatch-patch-4_18_0-193_91_1-1-3.el8_2.x86_64.rpm

kpatch-patch-4_18_0-193_91_1-debuginfo-1-3.el8_2.x86_64.rpm

kpatch-patch-4_18_0-193_91_1-debugsource-1-3.el8_2.x86_64.rpm

kpatch-patch-4_18_0-193_93_1-1-2.el8_2.x86_64.rpm

kpatch-patch-4_18_0-193_93_1-debuginfo-1-2.el8_2.x86_64.rpm

kpatch-patch-4_18_0-193_93_1-debugsource-1-2.el8_2.x86_64.rpm

kpatch-patch-4_18_0-193_95_1-1-1.el8_2.x86_64.rpm

kpatch-patch-4_18_0-193_95_1-debuginfo-1-1.el8_2.x86_64.rpm

kpatch-patch-4_18_0-193_95_1-debugsource-1-1.el8_2.x86_64.rpm

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Related news

CVE-2022-2964: Invalid Bug ID

A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.