Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:3853: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation.
  • CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user (with CAP_NET_ADMIN capability) could use this flaw to crash the system or potentially escalate their privileges on the system.
Red Hat Security Data
#vulnerability#web#linux#red_hat#nodejs#js#kubernetes#aws#rpm#sap

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

All Products

Issued:

2023-06-27

Updated:

2023-06-27

RHSA-2023:3853 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

  • kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation (CVE-2023-1281)
  • kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation (CVE-2023-32233)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64

Fixes

  • BZ - 2181847 - CVE-2023-1281 kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation
  • BZ - 2196105 - CVE-2023-32233 kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1

SRPM

kpatch-patch-4_18_0-147_77_1-1-6.el8_1.src.rpm

SHA-256: 6a1c989106ab222c91e963184b39e50e8fe0466bc35f587caa91dacc6ff20f7c

kpatch-patch-4_18_0-147_78_1-1-5.el8_1.src.rpm

SHA-256: 3dad90e24b4a88a4c9b72ecea2b1b2ac0b5cf135baa4e75cb05c38d069d6f202

kpatch-patch-4_18_0-147_80_1-1-4.el8_1.src.rpm

SHA-256: 7c04d9d572f748edc7f21eab958a78e9f9ead449fe7f42206c4e691e7e6e5415

kpatch-patch-4_18_0-147_81_1-1-3.el8_1.src.rpm

SHA-256: 95cf3a3a8c82409a7e92caa5227931dcc110835c471caa2286951f78ae3bbb93

kpatch-patch-4_18_0-147_83_1-1-2.el8_1.src.rpm

SHA-256: 81dce12347000e6f68f24fa6517bb7947f26879e44d2e5489a410c0231d20757

ppc64le

kpatch-patch-4_18_0-147_77_1-1-6.el8_1.ppc64le.rpm

SHA-256: 490a2d2c73b23a8c4e6edcae54447fdbcf3f1d2cff74f1c20449a37bdda7b960

kpatch-patch-4_18_0-147_77_1-debuginfo-1-6.el8_1.ppc64le.rpm

SHA-256: f73d3633a454e510b5d3844653363ca65801960570d4b1df66f5dc095e288d1e

kpatch-patch-4_18_0-147_77_1-debugsource-1-6.el8_1.ppc64le.rpm

SHA-256: db14cc696828cbc1fb0bf1983fd5e291f051f3eec5e97b0332e33fca5b35bcbe

kpatch-patch-4_18_0-147_78_1-1-5.el8_1.ppc64le.rpm

SHA-256: 1e4d18e1062357ba1f4f4de2bbb1b8291681b013e5a9cf58fa02de3f20847d33

kpatch-patch-4_18_0-147_78_1-debuginfo-1-5.el8_1.ppc64le.rpm

SHA-256: 5090102e2c705a410b67102c330dea50ce0730a1207f94c0ab98b2ac1368ffcf

kpatch-patch-4_18_0-147_78_1-debugsource-1-5.el8_1.ppc64le.rpm

SHA-256: 77e80fb30977ce1e0acc859eed51bb234ec9d1491846ac02488b9a0c57dfd569

kpatch-patch-4_18_0-147_80_1-1-4.el8_1.ppc64le.rpm

SHA-256: f14717957a6ecc4372618d1514fa67f23b17c4078c1b09c575e014f256d5f8ac

kpatch-patch-4_18_0-147_80_1-debuginfo-1-4.el8_1.ppc64le.rpm

SHA-256: 8b3e21d8ad1ba3cf277a5310d27ca4ae4e6c7b4894a2f679a00ac959d54487bf

kpatch-patch-4_18_0-147_80_1-debugsource-1-4.el8_1.ppc64le.rpm

SHA-256: d57e55f255180c2404e789e8b1cf8c072189e6b13ea69dffcce5b8b9d7b423b5

kpatch-patch-4_18_0-147_81_1-1-3.el8_1.ppc64le.rpm

SHA-256: 2eea6973b66bc239e13792f754fd2aeae5c857426f5a94b9b4059091150c66a8

kpatch-patch-4_18_0-147_81_1-debuginfo-1-3.el8_1.ppc64le.rpm

SHA-256: 7942674d224e01379a85e96cfa7152f88b0a439a6a2f63fe3296ee5a3edc1738

kpatch-patch-4_18_0-147_81_1-debugsource-1-3.el8_1.ppc64le.rpm

SHA-256: 807b8a47b732f4ae9e1c5d5f9b1c0af86c3e2e7d016eacfaba6126b33392da1f

kpatch-patch-4_18_0-147_83_1-1-2.el8_1.ppc64le.rpm

SHA-256: 761040bda1575a747647e76fc6ae963767c9949a9e19829f57fcfcff434c1199

kpatch-patch-4_18_0-147_83_1-debuginfo-1-2.el8_1.ppc64le.rpm

SHA-256: f7dd75a2d2d2fe65d5d6426e1957165edcd17cf63b818285cd7b2264eeb75df9

kpatch-patch-4_18_0-147_83_1-debugsource-1-2.el8_1.ppc64le.rpm

SHA-256: 7b7dd367902155fe2b5c134a1ebb1ba7c79304c6b15e2dd7243e51c8501a830f

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1

SRPM

kpatch-patch-4_18_0-147_77_1-1-6.el8_1.src.rpm

SHA-256: 6a1c989106ab222c91e963184b39e50e8fe0466bc35f587caa91dacc6ff20f7c

kpatch-patch-4_18_0-147_78_1-1-5.el8_1.src.rpm

SHA-256: 3dad90e24b4a88a4c9b72ecea2b1b2ac0b5cf135baa4e75cb05c38d069d6f202

kpatch-patch-4_18_0-147_80_1-1-4.el8_1.src.rpm

SHA-256: 7c04d9d572f748edc7f21eab958a78e9f9ead449fe7f42206c4e691e7e6e5415

kpatch-patch-4_18_0-147_81_1-1-3.el8_1.src.rpm

SHA-256: 95cf3a3a8c82409a7e92caa5227931dcc110835c471caa2286951f78ae3bbb93

kpatch-patch-4_18_0-147_83_1-1-2.el8_1.src.rpm

SHA-256: 81dce12347000e6f68f24fa6517bb7947f26879e44d2e5489a410c0231d20757

x86_64

kpatch-patch-4_18_0-147_77_1-1-6.el8_1.x86_64.rpm

SHA-256: 1b379ee4f90bc75e72fb7f5a0881943d0e69065ac8f3c707daf4edfdf4fa4fbf

kpatch-patch-4_18_0-147_77_1-debuginfo-1-6.el8_1.x86_64.rpm

SHA-256: 7d7f74d5e06f95d51198a08a2ae66c1ef929071baee1ef72cf875f54de82f4ac

kpatch-patch-4_18_0-147_77_1-debugsource-1-6.el8_1.x86_64.rpm

SHA-256: bf2ce491b95447d4bf46dc575824d60a36df56261f4a4b62c1a3f602a1d1408a

kpatch-patch-4_18_0-147_78_1-1-5.el8_1.x86_64.rpm

SHA-256: 81d1c00e147dc9823c60eed8a94f5847f776895362a6e2cfc65a85a60073f500

kpatch-patch-4_18_0-147_78_1-debuginfo-1-5.el8_1.x86_64.rpm

SHA-256: 5940b76fae1b532558f21e0e9dd17835b239cd438e50cbb0879b22e8ae79e018

kpatch-patch-4_18_0-147_78_1-debugsource-1-5.el8_1.x86_64.rpm

SHA-256: cf9eaa57e67e18c3a16a8ad60635d085ec23b3813c98ad510478cad2008c3b06

kpatch-patch-4_18_0-147_80_1-1-4.el8_1.x86_64.rpm

SHA-256: 70c09ff239a83b261ad6706cae879814f5a2139cbc58533124083f0626ec70f1

kpatch-patch-4_18_0-147_80_1-debuginfo-1-4.el8_1.x86_64.rpm

SHA-256: 447315a7923e625b27df9da5e4bf7901b5f534507ce35256bb5ddbe4d3957239

kpatch-patch-4_18_0-147_80_1-debugsource-1-4.el8_1.x86_64.rpm

SHA-256: c834457a6c9febcf675e4a3d910598bd4c0544eb91169a6b1aa64c969ee785cb

kpatch-patch-4_18_0-147_81_1-1-3.el8_1.x86_64.rpm

SHA-256: d38a5ec40e8a773d9e0e3047efd212d48b721ce5902699125fcc235178337edf

kpatch-patch-4_18_0-147_81_1-debuginfo-1-3.el8_1.x86_64.rpm

SHA-256: 882e95d679dd342e330f9c8ae4c70f82c1cbeeed424b1d93c75d6df4a3091c6b

kpatch-patch-4_18_0-147_81_1-debugsource-1-3.el8_1.x86_64.rpm

SHA-256: bff5cff50bb02de678954030673816b1e267f40b59128d03a0c9f20e47558915

kpatch-patch-4_18_0-147_83_1-1-2.el8_1.x86_64.rpm

SHA-256: 1c1b639ef742dd6a8aa6f6a37851844215e6171514c1f8c9a74bf77189e7f8d9

kpatch-patch-4_18_0-147_83_1-debuginfo-1-2.el8_1.x86_64.rpm

SHA-256: 0adf228d09acda2aca0dd5cdefb24ed7d234d8afc50ac256ec75c2da141e6b2f

kpatch-patch-4_18_0-147_83_1-debugsource-1-2.el8_1.x86_64.rpm

SHA-256: 886f352c95c0338dfc86f94b167be626440b21cecd7059750f3da68be193b954

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

CVE-2023-45085: Releases - HyperCloud Docs

An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process.  In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.

Red Hat Security Advisory 2023-5621-01

Red Hat Security Advisory 2023-5621-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2023:5419: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-20593: A flaw was found in hw, in “Zen 2” CPUs. This issue may allow an attacker to access sensitive information under specific microarchitectural circumstances. * CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configurat...

Red Hat Security Advisory 2023-4699-01

Red Hat Security Advisory 2023-4699-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.

CVE-2023-33953: Security Bulletins

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so ...

Red Hat Security Advisory 2023-4517-01

Red Hat Security Advisory 2023-4517-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-4262-01

Red Hat Security Advisory 2023-4262-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2023:4256: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversin...

Red Hat Security Advisory 2023-4053-01

Red Hat Security Advisory 2023-4053-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.45. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-4145-01

Red Hat Security Advisory 2023-4145-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-4146-01

Red Hat Security Advisory 2023-4146-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include denial of service, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-4125-01

Red Hat Security Advisory 2023-4125-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, privilege escalation, and use-after-free vulnerabilities.

RHSA-2023:4146: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch-4_18_0-193_100_1, kpatch-patch-4_18_0-193_105_1, kpatch-patch-4_18_0-193_95_1, and kpatch-patch-4_18_0-193_98_1 is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user...

RHSA-2023:4125: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local ...

Ubuntu Security Notice USN-6222-1

Ubuntu Security Notice 6222-1 - Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.

Red Hat Security Advisory 2023-3853-01

Red Hat Security Advisory 2023-3853-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2023:3852: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation. * CVE-2023-32233: A use-afte...

CVE-2023-32463: DSA-2023-200: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

Kernel Live Patch Security Notice LSN-0095-1

It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges. It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.

Red Hat Security Advisory 2023-3705-01

Red Hat Security Advisory 2023-3705-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Ubuntu Security Notice USN-6150-1

Ubuntu Security Notice 6150-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6149-1

Ubuntu Security Notice 6149-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2023-3490-01

Red Hat Security Advisory 2023-3490-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2023:3470: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-2008: A flaw was found in the Linux kernel's udm...

Ubuntu Security Notice USN-6134-1

Ubuntu Security Notice 6134-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6131-1

Ubuntu Security Notice 6131-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6122-1

Ubuntu Security Notice 6122-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service.

RHSA-2023:3350: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user (with CAP_NET_ADMIN capability) could use this flaw to crash the system or potentially es...

Ubuntu Security Notice USN-6093-1

Ubuntu Security Notice 6093-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

CVE-2023-32233: netfilter: nf_tables: deactivate anonymous set from preparation phase · torvalds/linux@c1592a8

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.

Ubuntu Security Notice USN-6040-1

Ubuntu Security Notice 6040-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.

Ubuntu Security Notice USN-6030-1

Ubuntu Security Notice 6030-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6029-1

Ubuntu Security Notice 6029-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the infrared transceiver USB driver did not properly handle USB control messages. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service.

Ubuntu Security Notice USN-6025-1

Ubuntu Security Notice 6025-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.

Ubuntu Security Notice USN-5977-1

Ubuntu Security Notice 5977-1 - It was discovered that the network queuing discipline implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs.

CVE-2023-1281

Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2.