Headline
RHSA-2023:5255: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. 'Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-2002: A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.
- CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in
__ip_options_echo
and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation. - CVE-2023-3390: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash or potentially escalate their privileges on the system.
- CVE-2023-3776: A use-after-free vulnerability was found in fw_set_parms in net/sched/cls_fw.c in network scheduler sub-component in the Linux Kernel. This issue occurs due to a missing sanity check during cleanup at the time of failure, leading to a misleading reference. This may allow a local attacker to gain local privilege escalation.
- CVE-2023-4004: A use-after-free flaw was found in the Linux kernel’s netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.
- CVE-2023-20593: A flaw was found in hw, in “Zen 2” CPUs. This issue may allow an attacker to access sensitive information under specific microarchitectural circumstances.
- CVE-2023-35001: An out-of-bounds (OOB) memory access flaw was found in the Netfilter module in the Linux kernel’s nft_byteorder_eval in net/netfilter/nft_byteorder.c. A bound check failure allows a local attacker with CAP_NET_ADMIN access to cause a local privilege escalation issue due to incorrect data alignment.
- CVE-2023-35788: A flaw was found in the TC flower classifier (cls_flower) in the Networking subsystem of the Linux kernel. This issue occurs when sending two TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets with a total size of 252 bytes, which results in an out-of-bounds write when the third packet enters fl_set_geneve_opt, potentially leading to a denial of service or privilege escalation.
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- OpenShift Dev Spaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Quarkus
Integration and Automation
All Products
Issued:
2023-09-19
Updated:
2023-09-19
RHSA-2023:5255 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
'Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-
tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: bluetooth: Unauthorized management command execution (CVE-2023-2002)
- kernel: UAF in nftables when nft_set_lookup_global triggered after handling
named and anonymous sets in batch requests (CVE-2023-3390)
- kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()
(CVE-2023-35788)
- hw: amd: Cross-Process Information Leak (CVE-2023-20593,zenbleed)
- kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090)
- kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval()
(CVE-2023-35001,ZDI-CAN-20721)
- kernel: net/sched: cls_fw component can be exploited as result of failure in
tcf_change_indev function (CVE-2023-3776)
- kernel: netfilter: use-after-free due to improper element removal in
nft_pipapo_remove() (CVE-2023-4004)
Bug Fix(es):
- kernel-rt: update RT source tree to the RHEL-8.8.z3 source tree (BZ#2227068)
- pods get restarted due to failed probes (BZ#2227238)
Solution
For details on how to apply this update, which includes the changes described
in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time 8 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
- Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.8 x86_64
- Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.8 x86_64
Fixes
- BZ - 2187308 - CVE-2023-2002 Kernel: bluetooth: Unauthorized management command execution
- BZ - 2213260 - CVE-2023-3390 kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests
- BZ - 2215768 - CVE-2023-35788 kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()
- BZ - 2217845 - CVE-2023-20593 hw: amd: Cross-Process Information Leak
- BZ - 2218672 - CVE-2023-3090 kernel: ipvlan: out-of-bounds write caused by unclear skb->cb
- BZ - 2220892 - CVE-2023-35001 kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval()
- BZ - 2225097 - CVE-2023-3776 kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function
- BZ - 2225275 - CVE-2023-4004 kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove()
CVEs
- CVE-2023-2002
- CVE-2023-3090
- CVE-2023-3390
- CVE-2023-3776
- CVE-2023-4004
- CVE-2023-20593
- CVE-2023-35001
- CVE-2023-35788
Red Hat Enterprise Linux for Real Time 8
SRPM
kernel-rt-4.18.0-477.27.1.rt7.290.el8_8.src.rpm
SHA-256: 40f5efccf88e799c70c568667bdbd78087a16adced5b7feb0c6ccfa09d5f2d56
x86_64
kernel-rt-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 24596ec70857e242235d363d645b03eb5e3a053e254155fb1651b509d6cd1134
kernel-rt-core-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 8a06dec78639e02af3fe3ae07700ed44e59d5b9f67caaeb818cd2446346ad07f
kernel-rt-debug-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: fdd244e6de09c6d338c2068454d613452d078481f1d547ee69ebe136b2ab1550
kernel-rt-debug-core-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 7f56f984eac0d00abc13c6fce1ef178e86bd98fe6f1d93fe3e0d039573762f6a
kernel-rt-debug-debuginfo-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 0e1b382a905b5be526dd850908f04c3c6dd357542c4f37d9fe8d2e99aa1aa398
kernel-rt-debug-devel-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 0ae5424f1e4b8245e828078d625c6aae119aaa4c1380661a93b7f09e7943fbec
kernel-rt-debug-modules-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 237fb60d33da7da249018e4947bf1540a0068fd0fd51c1907e63142738b815ef
kernel-rt-debug-modules-extra-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 2ed64c85b182691b6f3e55792e15ecca4a9e1ee84cb52e7cc34ac79a813b7912
kernel-rt-debuginfo-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 4ef2dc60a2c276be0d08edf7e960d3ec5c25a2c51a7c1d0650390da142baf1d0
kernel-rt-debuginfo-common-x86_64-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: e51702edd2b3373240500c785dda5335cd3587482470a3ed521aa328cc39dd2d
kernel-rt-devel-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: fa814caf3c0a8f61f689fe8fc92ab61e9d5aa6192af5ee7ca494d8f7d49ebeae
kernel-rt-modules-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 67054b20428df086e60bf517b427dd08e54925986723605c0e181a038177a71e
kernel-rt-modules-extra-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 21906da779a267d9e917115b1fc71dd5bb15a23b8e506c6d276d6b98859384ed
Red Hat Enterprise Linux for Real Time for NFV 8
SRPM
kernel-rt-4.18.0-477.27.1.rt7.290.el8_8.src.rpm
SHA-256: 40f5efccf88e799c70c568667bdbd78087a16adced5b7feb0c6ccfa09d5f2d56
x86_64
kernel-rt-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 24596ec70857e242235d363d645b03eb5e3a053e254155fb1651b509d6cd1134
kernel-rt-core-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 8a06dec78639e02af3fe3ae07700ed44e59d5b9f67caaeb818cd2446346ad07f
kernel-rt-debug-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: fdd244e6de09c6d338c2068454d613452d078481f1d547ee69ebe136b2ab1550
kernel-rt-debug-core-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 7f56f984eac0d00abc13c6fce1ef178e86bd98fe6f1d93fe3e0d039573762f6a
kernel-rt-debug-debuginfo-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 0e1b382a905b5be526dd850908f04c3c6dd357542c4f37d9fe8d2e99aa1aa398
kernel-rt-debug-devel-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 0ae5424f1e4b8245e828078d625c6aae119aaa4c1380661a93b7f09e7943fbec
kernel-rt-debug-kvm-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: b99d93712575a637606e4777e2aaccc4b27293583a8404123a172561e849086b
kernel-rt-debug-modules-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 237fb60d33da7da249018e4947bf1540a0068fd0fd51c1907e63142738b815ef
kernel-rt-debug-modules-extra-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 2ed64c85b182691b6f3e55792e15ecca4a9e1ee84cb52e7cc34ac79a813b7912
kernel-rt-debuginfo-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 4ef2dc60a2c276be0d08edf7e960d3ec5c25a2c51a7c1d0650390da142baf1d0
kernel-rt-debuginfo-common-x86_64-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: e51702edd2b3373240500c785dda5335cd3587482470a3ed521aa328cc39dd2d
kernel-rt-devel-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: fa814caf3c0a8f61f689fe8fc92ab61e9d5aa6192af5ee7ca494d8f7d49ebeae
kernel-rt-kvm-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: c7231a6564530b4d8593abc058fabdb07873af6cd07b7287e008219d89c163ea
kernel-rt-modules-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 67054b20428df086e60bf517b427dd08e54925986723605c0e181a038177a71e
kernel-rt-modules-extra-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 21906da779a267d9e917115b1fc71dd5bb15a23b8e506c6d276d6b98859384ed
Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.8
SRPM
kernel-rt-4.18.0-477.27.1.rt7.290.el8_8.src.rpm
SHA-256: 40f5efccf88e799c70c568667bdbd78087a16adced5b7feb0c6ccfa09d5f2d56
x86_64
kernel-rt-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 24596ec70857e242235d363d645b03eb5e3a053e254155fb1651b509d6cd1134
kernel-rt-core-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 8a06dec78639e02af3fe3ae07700ed44e59d5b9f67caaeb818cd2446346ad07f
kernel-rt-debug-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: fdd244e6de09c6d338c2068454d613452d078481f1d547ee69ebe136b2ab1550
kernel-rt-debug-core-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 7f56f984eac0d00abc13c6fce1ef178e86bd98fe6f1d93fe3e0d039573762f6a
kernel-rt-debug-debuginfo-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 0e1b382a905b5be526dd850908f04c3c6dd357542c4f37d9fe8d2e99aa1aa398
kernel-rt-debug-devel-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 0ae5424f1e4b8245e828078d625c6aae119aaa4c1380661a93b7f09e7943fbec
kernel-rt-debug-modules-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 237fb60d33da7da249018e4947bf1540a0068fd0fd51c1907e63142738b815ef
kernel-rt-debug-modules-extra-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 2ed64c85b182691b6f3e55792e15ecca4a9e1ee84cb52e7cc34ac79a813b7912
kernel-rt-debuginfo-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 4ef2dc60a2c276be0d08edf7e960d3ec5c25a2c51a7c1d0650390da142baf1d0
kernel-rt-debuginfo-common-x86_64-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: e51702edd2b3373240500c785dda5335cd3587482470a3ed521aa328cc39dd2d
kernel-rt-devel-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: fa814caf3c0a8f61f689fe8fc92ab61e9d5aa6192af5ee7ca494d8f7d49ebeae
kernel-rt-modules-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 67054b20428df086e60bf517b427dd08e54925986723605c0e181a038177a71e
kernel-rt-modules-extra-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 21906da779a267d9e917115b1fc71dd5bb15a23b8e506c6d276d6b98859384ed
Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.8
SRPM
kernel-rt-4.18.0-477.27.1.rt7.290.el8_8.src.rpm
SHA-256: 40f5efccf88e799c70c568667bdbd78087a16adced5b7feb0c6ccfa09d5f2d56
x86_64
kernel-rt-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 24596ec70857e242235d363d645b03eb5e3a053e254155fb1651b509d6cd1134
kernel-rt-core-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 8a06dec78639e02af3fe3ae07700ed44e59d5b9f67caaeb818cd2446346ad07f
kernel-rt-debug-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: fdd244e6de09c6d338c2068454d613452d078481f1d547ee69ebe136b2ab1550
kernel-rt-debug-core-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 7f56f984eac0d00abc13c6fce1ef178e86bd98fe6f1d93fe3e0d039573762f6a
kernel-rt-debug-debuginfo-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 0e1b382a905b5be526dd850908f04c3c6dd357542c4f37d9fe8d2e99aa1aa398
kernel-rt-debug-devel-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 0ae5424f1e4b8245e828078d625c6aae119aaa4c1380661a93b7f09e7943fbec
kernel-rt-debug-kvm-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: b99d93712575a637606e4777e2aaccc4b27293583a8404123a172561e849086b
kernel-rt-debug-modules-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 237fb60d33da7da249018e4947bf1540a0068fd0fd51c1907e63142738b815ef
kernel-rt-debug-modules-extra-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 2ed64c85b182691b6f3e55792e15ecca4a9e1ee84cb52e7cc34ac79a813b7912
kernel-rt-debuginfo-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 4ef2dc60a2c276be0d08edf7e960d3ec5c25a2c51a7c1d0650390da142baf1d0
kernel-rt-debuginfo-common-x86_64-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: e51702edd2b3373240500c785dda5335cd3587482470a3ed521aa328cc39dd2d
kernel-rt-devel-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: fa814caf3c0a8f61f689fe8fc92ab61e9d5aa6192af5ee7ca494d8f7d49ebeae
kernel-rt-kvm-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: c7231a6564530b4d8593abc058fabdb07873af6cd07b7287e008219d89c163ea
kernel-rt-modules-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 67054b20428df086e60bf517b427dd08e54925986723605c0e181a038177a71e
kernel-rt-modules-extra-4.18.0-477.27.1.rt7.290.el8_8.x86_64.rpm
SHA-256: 21906da779a267d9e917115b1fc71dd5bb15a23b8e506c6d276d6b98859384ed
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Red Hat Security Advisory 2024-2004-03 - An update for kernel is now available for Red Hat Enterprise Linux 7. Issues addressed include null pointer and use-after-free vulnerabilities.
Red Hat Security Advisory 2024-2003-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Issues addressed include null pointer and use-after-free vulnerabilities.
Ubuntu Security Notice 6701-2 - Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service. It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service.
Red Hat Security Advisory 2024-1269-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2024-1250-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include memory exhaustion, null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2024-0262-03 - An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-7551-01 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include information leakage and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-7424-01 - An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-7417-01 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-7294-01 - An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support.
Red Hat Security Advisory 2023-5794-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-5628-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5621-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5591-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include an information leakage vulnerability.
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1206: A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%. * CVE-2...
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation. * CVE-202...
Red Hat Security Advisory 2023-5414-01 - An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important.
Ubuntu Security Notice 6397-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service.
Red Hat Security Advisory 2023-5233-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.4 images.
Red Hat Security Advisory 2023-5244-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, out of bounds write, and use-after-free vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3390: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash or potentially escalate their p...
Red Hat OpenShift Virtualization release 4.13.4 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.
Red Hat Security Advisory 2023-5069-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5069-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5069-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5069-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5091-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5091-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5091-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5093-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-5093-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-5093-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-5068-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include an information leakage vulnerability.
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1637: A flaw was found in the Linux kernel X86 CPU Power management when resuming CPU from suspend-to-RAM. This issue could allow a local user unauthorized access to memory from the CPU. * CVE-2023-3390: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1637: A flaw was found in the Linux kernel X86 CPU Power management when resuming CPU from suspend-to-RAM. This issue could allow a local user unauthorized access to memory from the CPU. * CVE-2023-3390: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1637: A flaw was found in the Linux kernel X86 CPU Power management when resuming CPU from suspend-to-RAM. This issue could allow a local user unauthorized access to memory from the CPU. * CVE-2023-3390: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1637: A flaw was found in the Linux kernel X86 CPU Power management when resuming CPU from suspend-to-RAM. This issue could allow a local user unauthorized access to memory from the CPU. * CVE-2023-3390: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can...
Ubuntu Security Notice 6357-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service.
Ubuntu Security Notice 6357-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service.
Ubuntu Security Notice 6357-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service.
It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Querijn Voet discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other vulnerabilities were also discovered and addressed.
It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Querijn Voet discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other vulnerabilities were also discovered and addressed.
It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Querijn Voet discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other vulnerabilities were also discovered and addressed.
It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Querijn Voet discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other vulnerabilities were also discovered and addressed.
Ubuntu Security Notice 6348-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Ubuntu Security Notice 6348-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Ubuntu Security Notice 6348-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Ubuntu Security Notice 6342-1 - Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear operations. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 6342-1 - Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear operations. A local attacker could use this to cause a denial of service.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, which can later lead to double freeing the structure. This flaw allows a local attacker to cause a use-after-free problem, leading to privileg...
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, which can later lead to double freeing the structure. This flaw allows a local attacker to cause a use-after-free problem, leading to privileg...
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, which can later lead to double freeing the structure. This flaw allows a local attacker to cause a use-after-free problem, leading to privileg...
Ubuntu Security Notice 6328-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Ubuntu Security Notice 6328-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Ubuntu Security Notice 6327-1 - Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear operations. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code l...
Ubuntu Security Notice 6318-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Ubuntu Security Notice 6318-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Ubuntu Security Notice 6315-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Ubuntu Security Notice 6309-1 - Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear operations. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service.
Red Hat Security Advisory 2023-4817-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access and out of bounds write vulnerabilities.
Red Hat Security Advisory 2023-4817-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access and out of bounds write vulnerabilities.
Red Hat Security Advisory 2023-4815-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access and out of bounds write vulnerabilities.
Red Hat Security Advisory 2023-4815-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access and out of bounds write vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2124: An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user...
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2124: An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user...
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2124: An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-3090: A flaw was found in the IPVLAN netwo...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1353: A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. * CVE-2022-39188: A flaw was found in include/asm-generic/tlb.h in the Linux ...
Red Hat Security Advisory 2023-4699-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4698-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
Red Hat Security Advisory 2023-4696-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-20593: A flaw was found in hw, in “Zen 2” CPUs. This issue may allow an attacker to access sensitive information under specific microarchitectural circumstances. * CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configurat...
Debian Linux Security Advisory 5480-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Debian Linux Security Advisory 5480-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Ubuntu Security Notice 6300-1 - William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service. It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information.
Red Hat Security Advisory 2023-4664-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.3 images. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-4664-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.3 images. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-4664-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.3 images. Issues addressed include a denial of service vulnerability.
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so ...
Red Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.
Red Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.
Red Hat Security Advisory 2023-4380-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
Red Hat Security Advisory 2023-4380-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-45869: A flaw was found in the Linux kernel in the KVM. A race condition in direct_page_fault allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualization and the TDP MMU are enabled. * CVE-2023-0458: A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() ...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-45869: A flaw was found in the Linux kernel in the KVM. A race condition in direct_page_fault allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualization and the TDP MMU are enabled. * CVE-2023-0458: A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() ...
Ubuntu Security Notice 6255-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6255-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
Debian Linux Security Advisory 5459-1 - Tavis Ormandy discovered that under specific microarchitectural circumstances, a vector register in "Zen 2" CPUs may not be written to 0 correctly. This flaw allows an attacker to leak register contents across concurrent processes, hyper threads and virtualized guests.
It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). Various other issues were also addressed.
Ubuntu Security Notice 6247-1 - David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. It was discovered that the IDT 77252 ATM PCI device driver in the Linux kernel did not properly remove any pending timers during device exit, resulting in a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 6244-1 - Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Red Hat Security Advisory 2023-4138-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4137-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access and use-after-free vulnerabilities.
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1016: A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. * CVE-2022-42703: A memory leak flaw with us...
Ubuntu Security Notice 6212-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information or possibly cause undesired behaviors.
Debian Linux Security Advisory 5448-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue. We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97.
Red Hat Security Advisory 2023-3723-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-3708-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2002: A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. * CVE-2023-2124: An out-of-bounds ...
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.