Headline
RHSA-2023:4962: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, which can later lead to double freeing the structure. This flaw allows a local attacker to cause a use-after-free problem, leading to privilege escalation.
- CVE-2023-2002: A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.
- CVE-2023-2124: An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
- CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in
__ip_options_echo
and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation. - CVE-2023-3390: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash or potentially escalate their privileges on the system.
- CVE-2023-4004: A use-after-free flaw was found in the Linux kernel’s netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.
- CVE-2023-35001: An out-of-bounds (OOB) memory access flaw was found in the Netfilter module in the Linux kernel’s nft_byteorder_eval in net/netfilter/nft_byteorder.c. A bound check failure allows a local attacker with CAP_NET_ADMIN access to cause a local privilege escalation issue due to incorrect data alignment.
- CVE-2023-35788: A flaw was found in the TC flower classifier (cls_flower) in the Networking subsystem of the Linux kernel. This issue occurs when sending two TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets with a total size of 252 bytes, which results in an out-of-bounds write when the third packet enters fl_set_geneve_opt, potentially leading to a denial of service or privilege escalation.
Synopsis
Important: kernel security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: Use-after-free vulnerability in the Linux Kernel traffic control index filter (CVE-2023-1829)
- kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090)
- kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests (CVE-2023-3390)
- kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove() (CVE-2023-4004)
- kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() (CVE-2023-35001)
- kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() (CVE-2023-35788)
- Kernel: bluetooth: Unauthorized management command execution (CVE-2023-2002)
- kernel: OOB access in the Linux kernel’s XFS subsystem (CVE-2023-2124)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- aacraid misses interrupts when a CPU is disabled resulting in scsi timeouts and the adapter being unusable until reboot. (BZ#2216500)
- rbd: avoid fast-diff corruption in snapshot-based mirroring [8.9] (BZ#2216771)
- refcount_t overflow often happens in mem_cgroup_id_get_online() (BZ#2221012)
- enable conntrack clash resolution for GRE (BZ#2223544)
- iavf: Fix race between iavf_close and iavf_reset_task (BZ#2223608)
- libceph: harden msgr2.1 frame segment length checks [8.x] (BZ#2227075)
- [i40e] error: Cannot set interface MAC/vlanid to 1e:b7:e2:02:b1:aa/0 for ifname ens4f0 vf 0: Resource temporarily unavailable (BZ#2228165)
Enhancement(s):
- [Intel 8.7 FEAT] TSC: Avoid clock watchdog when not needed (BZ#2216050)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux Server - AUS 8.4 x86_64
- Red Hat Enterprise Linux Server - TUS 8.4 x86_64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
Fixes
- BZ - 2187308 - CVE-2023-2002 Kernel: bluetooth: Unauthorized management command execution
- BZ - 2187439 - CVE-2023-2124 kernel: OOB access in the Linux kernel’s XFS subsystem
- BZ - 2188470 - CVE-2023-1829 kernel: Use-after-free vulnerability in the Linux Kernel traffic control index filter
- BZ - 2213260 - CVE-2023-3390 kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests
- BZ - 2215768 - CVE-2023-35788 kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()
- BZ - 2218672 - CVE-2023-3090 kernel: ipvlan: out-of-bounds write caused by unclear skb->cb
- BZ - 2220892 - CVE-2023-35001 kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval()
- BZ - 2225275 - CVE-2023-4004 kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove()
CVEs
- CVE-2023-1829
- CVE-2023-2002
- CVE-2023-2124
- CVE-2023-3090
- CVE-2023-3390
- CVE-2023-4004
- CVE-2023-35001
- CVE-2023-35788
Red Hat Enterprise Linux Server - AUS 8.4
SRPM
kernel-4.18.0-305.103.1.el8_4.src.rpm
SHA-256: a2bd6189c7d671403f963fff1b225104e2037b9f91f3359549b39b3e7df48004
x86_64
bpftool-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: e83b84a46a9d6169d0277fbc1cb178d32c1fc7a504a090987078f5c1ff117eb6
bpftool-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 761952c2b36a63ce34040a5297eb8cdc5a32fadee146077389270bfba906d645
kernel-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 1dd6162abc2d8a6acf65c702366c35a957658a5cb2c1929b741ef006a9263a2b
kernel-abi-stablelists-4.18.0-305.103.1.el8_4.noarch.rpm
SHA-256: c5e23c7943502cb94c6ea2ce7af0fbe7c1e32d66edcd5a18ec561293e1a7608a
kernel-core-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 90d121fffdc23242628ed79ad13a911080130df79d24a852e854b63d1b663602
kernel-cross-headers-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 66f0bc4c8813031e102ee2478a9b1d3e479d4021d88542970163aac814cde209
kernel-debug-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 14571c28bafc47e0bed62f7b289a8669ebfd4e00c9f89a399a6196d7fadfab4a
kernel-debug-core-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 6a544f44bde82aa8881d827fab74656c3010106dda8f8bd524dee00bb2029235
kernel-debug-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 97000bf342c065f268a611c0522bd7fed6bd1d0d5055d08b1360ed8ffc54788b
kernel-debug-devel-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 3236adcde811ad22d95792831bc15106d50ab429b51d65fc1e2e2270258d0a34
kernel-debug-modules-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 498b93bdd92fad86e3232a4984b4e88362fd6958c68e696f595a47444e0f07fc
kernel-debug-modules-extra-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 2d281975fdebfbe9710ed5b353a54dd4cbf264d39c7f6fce80ed1b86fbffdad6
kernel-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 50d481e285c968b4c025d870081022624ee428a3a4dd9c87fb91047d6cd93a21
kernel-debuginfo-common-x86_64-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 96eb8db811c23ad50b1b66a47a68a59f7b226f568ceb1fd4a8ab2a34bdb39eff
kernel-devel-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 4379906d2b72f05807b8d8d5b0ec03eaf3d64e0fcdf9e6cfa18e33a3ab91422d
kernel-doc-4.18.0-305.103.1.el8_4.noarch.rpm
SHA-256: e7477f64f83a3e161a170943f2a4b211993da0619806561f0d390b139911f740
kernel-headers-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 157bc80b7995797883a23be3d18e8d855bb73b21014cbd54c70b8bd2984ad414
kernel-modules-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 9b470ed6e8883e3adb7577af51b1a2fc3b86be19f258c35a86ed7538744f52f2
kernel-modules-extra-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 109481c39fe251293c1d284f4309c3386cdf7b5fce341c2eb2b8a73f5788012f
kernel-tools-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: f659435d0f886d74bfa5c69eeee6c492e4777f645dc902e4b190272ed14b14be
kernel-tools-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 3d3c9cb2421dc00e9848e8f824e296dff2ba7018a3b23fabf50d860c1869bcf9
kernel-tools-libs-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: e35d78706559bbfa39039cfc9afbadaedeee84c941b3e8aa5b52ac9521aece45
perf-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: ffef69db255ce07e252365fb9c522e8736dfc47e98e5d4d08f053c44df532b9a
perf-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 9f67c3c968bc8898d0cc14986fe223c1af70185fe8244f58160f7895babcc1fe
python3-perf-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: ad657087e635f8870424d5145e3850ee77a319f43be5e3a6ce52f634fcc76604
python3-perf-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 173b22a014a6142b011a69ec9e507fa68b75aef0f8c9df5fa99bf248b89e9cd5
Red Hat Enterprise Linux Server - TUS 8.4
SRPM
kernel-4.18.0-305.103.1.el8_4.src.rpm
SHA-256: a2bd6189c7d671403f963fff1b225104e2037b9f91f3359549b39b3e7df48004
x86_64
bpftool-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: e83b84a46a9d6169d0277fbc1cb178d32c1fc7a504a090987078f5c1ff117eb6
bpftool-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 761952c2b36a63ce34040a5297eb8cdc5a32fadee146077389270bfba906d645
kernel-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 1dd6162abc2d8a6acf65c702366c35a957658a5cb2c1929b741ef006a9263a2b
kernel-abi-stablelists-4.18.0-305.103.1.el8_4.noarch.rpm
SHA-256: c5e23c7943502cb94c6ea2ce7af0fbe7c1e32d66edcd5a18ec561293e1a7608a
kernel-core-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 90d121fffdc23242628ed79ad13a911080130df79d24a852e854b63d1b663602
kernel-cross-headers-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 66f0bc4c8813031e102ee2478a9b1d3e479d4021d88542970163aac814cde209
kernel-debug-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 14571c28bafc47e0bed62f7b289a8669ebfd4e00c9f89a399a6196d7fadfab4a
kernel-debug-core-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 6a544f44bde82aa8881d827fab74656c3010106dda8f8bd524dee00bb2029235
kernel-debug-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 97000bf342c065f268a611c0522bd7fed6bd1d0d5055d08b1360ed8ffc54788b
kernel-debug-devel-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 3236adcde811ad22d95792831bc15106d50ab429b51d65fc1e2e2270258d0a34
kernel-debug-modules-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 498b93bdd92fad86e3232a4984b4e88362fd6958c68e696f595a47444e0f07fc
kernel-debug-modules-extra-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 2d281975fdebfbe9710ed5b353a54dd4cbf264d39c7f6fce80ed1b86fbffdad6
kernel-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 50d481e285c968b4c025d870081022624ee428a3a4dd9c87fb91047d6cd93a21
kernel-debuginfo-common-x86_64-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 96eb8db811c23ad50b1b66a47a68a59f7b226f568ceb1fd4a8ab2a34bdb39eff
kernel-devel-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 4379906d2b72f05807b8d8d5b0ec03eaf3d64e0fcdf9e6cfa18e33a3ab91422d
kernel-doc-4.18.0-305.103.1.el8_4.noarch.rpm
SHA-256: e7477f64f83a3e161a170943f2a4b211993da0619806561f0d390b139911f740
kernel-headers-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 157bc80b7995797883a23be3d18e8d855bb73b21014cbd54c70b8bd2984ad414
kernel-modules-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 9b470ed6e8883e3adb7577af51b1a2fc3b86be19f258c35a86ed7538744f52f2
kernel-modules-extra-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 109481c39fe251293c1d284f4309c3386cdf7b5fce341c2eb2b8a73f5788012f
kernel-tools-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: f659435d0f886d74bfa5c69eeee6c492e4777f645dc902e4b190272ed14b14be
kernel-tools-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 3d3c9cb2421dc00e9848e8f824e296dff2ba7018a3b23fabf50d860c1869bcf9
kernel-tools-libs-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: e35d78706559bbfa39039cfc9afbadaedeee84c941b3e8aa5b52ac9521aece45
perf-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: ffef69db255ce07e252365fb9c522e8736dfc47e98e5d4d08f053c44df532b9a
perf-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 9f67c3c968bc8898d0cc14986fe223c1af70185fe8244f58160f7895babcc1fe
python3-perf-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: ad657087e635f8870424d5145e3850ee77a319f43be5e3a6ce52f634fcc76604
python3-perf-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 173b22a014a6142b011a69ec9e507fa68b75aef0f8c9df5fa99bf248b89e9cd5
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4
SRPM
kernel-4.18.0-305.103.1.el8_4.src.rpm
SHA-256: a2bd6189c7d671403f963fff1b225104e2037b9f91f3359549b39b3e7df48004
ppc64le
bpftool-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: 74329f24d7c3a39659b74cf768a57bf408909d2328b3dd8d3927e2dbb621f1b6
bpftool-debuginfo-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: 883dfa285520a30def72022007e027c666f4dbf023e99285662b2249c2905156
kernel-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: d083229772645308b0717b3bb4a5b6e7e7bd52b65231d38fc5e1f665570a68fe
kernel-abi-stablelists-4.18.0-305.103.1.el8_4.noarch.rpm
SHA-256: c5e23c7943502cb94c6ea2ce7af0fbe7c1e32d66edcd5a18ec561293e1a7608a
kernel-core-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: b9e5e59217b51ddc3d32c246b2dd75ae8f8f8285c8448b513c6ab50d2414e148
kernel-cross-headers-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: fe0988456df0171a45a144d1757ea45643d2bfc4c8f09e93ef5de39da9da6722
kernel-debug-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: ae7778dc91cfc48aa80e23d75d104d828ed2396254aaa7e443f7c3f50b1928e0
kernel-debug-core-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: 35869f913bd5fe2cb9fdf6af9e3f4ebbac88b6a52daa43f3bc649236912432be
kernel-debug-debuginfo-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: bcef3d8dfe839dcfeffbb8c5200df156bc5623e07f54608c29a1dcf2e79d5cd4
kernel-debug-devel-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: a319c70e6c26692e5b4832badde9f8678197bb336c0922d6540398e4453cb4d2
kernel-debug-modules-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: 0e496c19dfa80e25334d8c459f73684c29bfb55b0cb19d36413ed155507a8a16
kernel-debug-modules-extra-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: 114cc216d8314f5ab0f3892e9371a97b709611227c4904ee7573d728b7a3ecb4
kernel-debuginfo-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: 4fe6af9eca0d072cd434a5e31b3d891f9aee61b21d3af63afa1e02b054731d4c
kernel-debuginfo-common-ppc64le-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: 0684c70f2579eb688a35df4d87c4f6722dd9fd6c9e1dbcd3ad0930547525ae71
kernel-devel-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: c251eb8b802bb969847809d33e9a59d14c3683eb471078c45649738fcf086493
kernel-doc-4.18.0-305.103.1.el8_4.noarch.rpm
SHA-256: e7477f64f83a3e161a170943f2a4b211993da0619806561f0d390b139911f740
kernel-headers-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: c7d45cf244658f4dd42b7fdb91e108c21d33598784cf1880efbc80dedc019e9d
kernel-modules-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: 9562425e3841203dcb7bbf4802da9dc2a9b981ee52629d0e217ef7c839da2005
kernel-modules-extra-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: edf2b1db89080c3ca2fde5f929e36155329a266b3bd733a7274d38d05867a43e
kernel-tools-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: 3df120ed975a98aff88d85b06a094a78f01d6691d11072e6d032e9ea6bb4a87d
kernel-tools-debuginfo-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: 342738fd07a87d28f815d3f9abddb7ecc8743064de0ffeaefba1d34436f82ee7
kernel-tools-libs-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: cad74fd638139790fe0d596c7c923b4918242d570b62fcd271efe7205aa15c19
perf-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: 49ed22c05f8cebdff4c760d01dc9e3b4d04474a3d0875a1c7a79f4a55443b100
perf-debuginfo-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: 81e3d54dd40603a896d694fb1c618484e6b34fce86d5195336cf9aaa82f4dba2
python3-perf-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: 8a86c3eea7f096d35729c64354aec47a3bc6e728dd345ee66089e6b85e5d2cfb
python3-perf-debuginfo-4.18.0-305.103.1.el8_4.ppc64le.rpm
SHA-256: c921328728fe76aef04fafb4fe2597d6de5ddc052a52ab269b10167e21d868b9
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4
SRPM
kernel-4.18.0-305.103.1.el8_4.src.rpm
SHA-256: a2bd6189c7d671403f963fff1b225104e2037b9f91f3359549b39b3e7df48004
x86_64
bpftool-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: e83b84a46a9d6169d0277fbc1cb178d32c1fc7a504a090987078f5c1ff117eb6
bpftool-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 761952c2b36a63ce34040a5297eb8cdc5a32fadee146077389270bfba906d645
kernel-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 1dd6162abc2d8a6acf65c702366c35a957658a5cb2c1929b741ef006a9263a2b
kernel-abi-stablelists-4.18.0-305.103.1.el8_4.noarch.rpm
SHA-256: c5e23c7943502cb94c6ea2ce7af0fbe7c1e32d66edcd5a18ec561293e1a7608a
kernel-core-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 90d121fffdc23242628ed79ad13a911080130df79d24a852e854b63d1b663602
kernel-cross-headers-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 66f0bc4c8813031e102ee2478a9b1d3e479d4021d88542970163aac814cde209
kernel-debug-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 14571c28bafc47e0bed62f7b289a8669ebfd4e00c9f89a399a6196d7fadfab4a
kernel-debug-core-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 6a544f44bde82aa8881d827fab74656c3010106dda8f8bd524dee00bb2029235
kernel-debug-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 97000bf342c065f268a611c0522bd7fed6bd1d0d5055d08b1360ed8ffc54788b
kernel-debug-devel-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 3236adcde811ad22d95792831bc15106d50ab429b51d65fc1e2e2270258d0a34
kernel-debug-modules-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 498b93bdd92fad86e3232a4984b4e88362fd6958c68e696f595a47444e0f07fc
kernel-debug-modules-extra-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 2d281975fdebfbe9710ed5b353a54dd4cbf264d39c7f6fce80ed1b86fbffdad6
kernel-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 50d481e285c968b4c025d870081022624ee428a3a4dd9c87fb91047d6cd93a21
kernel-debuginfo-common-x86_64-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 96eb8db811c23ad50b1b66a47a68a59f7b226f568ceb1fd4a8ab2a34bdb39eff
kernel-devel-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 4379906d2b72f05807b8d8d5b0ec03eaf3d64e0fcdf9e6cfa18e33a3ab91422d
kernel-doc-4.18.0-305.103.1.el8_4.noarch.rpm
SHA-256: e7477f64f83a3e161a170943f2a4b211993da0619806561f0d390b139911f740
kernel-headers-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 157bc80b7995797883a23be3d18e8d855bb73b21014cbd54c70b8bd2984ad414
kernel-modules-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 9b470ed6e8883e3adb7577af51b1a2fc3b86be19f258c35a86ed7538744f52f2
kernel-modules-extra-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 109481c39fe251293c1d284f4309c3386cdf7b5fce341c2eb2b8a73f5788012f
kernel-tools-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: f659435d0f886d74bfa5c69eeee6c492e4777f645dc902e4b190272ed14b14be
kernel-tools-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 3d3c9cb2421dc00e9848e8f824e296dff2ba7018a3b23fabf50d860c1869bcf9
kernel-tools-libs-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: e35d78706559bbfa39039cfc9afbadaedeee84c941b3e8aa5b52ac9521aece45
perf-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: ffef69db255ce07e252365fb9c522e8736dfc47e98e5d4d08f053c44df532b9a
perf-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 9f67c3c968bc8898d0cc14986fe223c1af70185fe8244f58160f7895babcc1fe
python3-perf-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: ad657087e635f8870424d5145e3850ee77a319f43be5e3a6ce52f634fcc76604
python3-perf-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm
SHA-256: 173b22a014a6142b011a69ec9e507fa68b75aef0f8c9df5fa99bf248b89e9cd5
Related news
Red Hat Security Advisory 2024-4098-03 - An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support.
Ubuntu Security Notice 6701-4 - Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service. It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 6701-2 - Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service. It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service.
Red Hat Security Advisory 2024-1278-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include out of bounds write and use-after-free vulnerabilities.
Red Hat Security Advisory 2024-1269-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2024-1268-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-7431-01 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-7417-01 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.
Ubuntu Security Notice 6442-1 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service or execute arbitrary code.
Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). The supported version that is affected is 8.8.60. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the virtual terminal driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). Various other issues were also addressed.
Red Hat Security Advisory 2023-5627-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, null pointer, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5604-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, out of bounds write, and use-after-free vulnerabilities.
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3609: A double-free flaw was found in u32_set_parms in net/sched/cls_u32.c in the Network Scheduler component in the Linux kernel. This flaw allows a local attacker to use a failure event to mishandle the reference counter, leading to a local privilege escalation threat. * CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subs...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1206: A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%. * CVE-2...
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-4128: A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue. * CVE-2023-31248: A use-af...
An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-35001: An out-of-bounds (OOB) memory access flaw was found in the Netfilter module in the Linux kernel's nft_byteorder_eval in net/netfilter/nft_byteorder.c. A bound check failure allows a local attacker with CAP_NET_ADMIN access to cause a local privilege escalation issue due to incorrect data alignment.
Ubuntu Security Notice 6385-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service.
Red Hat Security Advisory 2023-5233-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.4 images.
Red Hat Security Advisory 2023-5238-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-5244-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5255-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine- tuning for systems with extremely high determinism requirements. Issues addressed include information leakage, out of bounds write, and use-after-free vulnerabilities.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3390: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash or potentially escalate t...
Red Hat OpenShift Virtualization release 4.13.4 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.
Red Hat Security Advisory 2023-5069-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5091-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5093-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1637: A flaw was found in the Linux kernel X86 CPU Power management when resuming CPU from suspend-to-RAM. This issue could allow a local user unauthorized access to memory from the CPU. * CVE-2023-3390: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can...
Debian Linux Security Advisory 5492-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Ubuntu Security Notice 6340-2 - Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6349-1 - Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6348-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Red Hat Security Advisory 2023-4961-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4961-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4967-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4967-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4962-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4962-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4962-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4962-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4962-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, which ...
Ubuntu Security Notice 6330-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Ubuntu Security Notice 6328-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Ubuntu Security Notice 6325-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Ubuntu Security Notice 6321-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Red Hat Security Advisory 2023-4888-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code l...
Ubuntu Security Notice 6316-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Ubuntu Security Notice 6315-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Red Hat Security Advisory 2023-4828-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
Red Hat Security Advisory 2023-4829-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
Red Hat Security Advisory 2023-4829-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
Red Hat Security Advisory 2023-4815-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access and out of bounds write vulnerabilities.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation....
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1353: A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. * CVE-2022-39188: A flaw was found in include/asm-generic/tlb.h in the Linux ...
Red Hat Security Advisory 2023-4698-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
Red Hat Security Advisory 2023-4664-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.3 images. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-4664-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.3 images. Issues addressed include a denial of service vulnerability.
Ubuntu Security Notice 6283-1 - Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service. Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear operations. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 6285-1 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.
Ubuntu Security Notice 6285-1 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so ...
Red Hat Security Advisory 2023-4517-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4541-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4541-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code leaking kernel memory via Blue...
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code leaking kernel memory via Blue...
An update for kpatch-patch-4_18_0-147_78_1, kpatch-patch-4_18_0-147_80_1, kpatch-patch-4_18_0-147_81_1, kpatch-patch-4_18_0-147_83_1, and kpatch-patch-4_18_0-147_85_1 is now available for Red Hat Enterprise Linux 8.1. Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, w...
An update for kpatch-patch-4_18_0-147_78_1, kpatch-patch-4_18_0-147_80_1, kpatch-patch-4_18_0-147_81_1, kpatch-patch-4_18_0-147_83_1, and kpatch-patch-4_18_0-147_85_1 is now available for Red Hat Enterprise Linux 8.1. Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, w...
An update for kpatch-patch-4_18_0-147_78_1, kpatch-patch-4_18_0-147_80_1, kpatch-patch-4_18_0-147_81_1, kpatch-patch-4_18_0-147_83_1, and kpatch-patch-4_18_0-147_85_1 is now available for Red Hat Enterprise Linux 8.1. Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, w...
Red Hat Security Advisory 2023-4380-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
Red Hat Security Advisory 2023-4380-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation. * CVE-2023-35788: A flaw was found ...
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation. * CVE-2023-35788: A flaw was found ...
A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.
Ubuntu Security Notice 6261-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.
Ubuntu Security Notice 6261-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.
Ubuntu Security Notice 6261-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.
Debian Linux Security Advisory 5461-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Ubuntu Security Notice 6255-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6255-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6255-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6250-1 - Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6250-1 - Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6248-1 - It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in Adreno GPU DRM driver in the Linux kernel, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 6247-1 - David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. It was discovered that the IDT 77252 ATM PCI device driver in the Linux kernel did not properly remove any pending timers during device exit, resulting in a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 6235-1 - It was discovered that the NTFS file system implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service. Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information.
Ubuntu Security Notice 6235-1 - It was discovered that the NTFS file system implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service. Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information.
Red Hat Security Advisory 2023-4138-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4137-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4137-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access and use-after-free vulnerabilities.
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1016: A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. * CVE-2022-42703: A memory leak flaw with us...
Debian Linux Security Advisory 5453-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Ubuntu Security Notice 6220-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information or possibly cause undesired behaviors.
Ubuntu Security Notice 6206-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NTFS file system implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 6205-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information or possibly cause undesired behaviors.
Debian Linux Security Advisory 5448-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
Ubuntu Security Notice 6192-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Xingyuan Mo and Gengjia Chen discovered that the io_uring subsystem in the Linux kernel did not properly handle locking when IOPOLL mode is being used. A local attacker could use this to cause a denial of service.
A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue. We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97.
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled. We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.
Red Hat Security Advisory 2023-3723-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-3708-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-3708-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.
Ubuntu Security Notice 6093-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6071-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Lin Ma discovered a race condition in the io_uring subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 6070-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6051-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for thisCVE, kernel support for the TCINDEX classifier has been removed. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6043-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for thisCVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.
A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root. We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.