Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2022:5819

Опубликовано: 02 авг. 2022
Источник: rocky
Оценка: Important

Описание

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012)

  • kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Softirq hrtimers are being placed on the per-CPU softirq clocks on isolcpu’s. (BZ#2090484)

  • enable/disable multiqueues repeatedly while ping local host, guest kernel panic (BZ#2093416)

  • Backport kernel audit enhancements and fixes from v5.13-rc1 to v5.16-rc6 (BZ#2095434)

  • blk_update_request: I/O error, dev nvme0n3, during xfs creation (BZ#2100150)

  • SCSI updates for Rocky Linux 8.7 (BZ#2100254)

  • Kernel bug on mm/slub.c:314 (BZ#2102251)

  • Implement new tc action for check_pkt_len (BZ#2102333)

  • too long timeout value with TIME_WAIT status of conntrack entry (BZ#2104002)

  • Connectx6-DX, mlx5 , backport 087032ee7021 ("net/mlx5e: TC, Fix ct_clear overwriting ct action metadata") (BZ#2104012)

  • mlx5: Software steering memory allocation failure, netperf TCP_CRR with ct(). (BZ#2104013)

  • tcp: request_sock leak in Calico OCP (BZ#2104670)

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
bpftoolx86_64372.19.1.el8_6bpftool-4.18.0-372.19.1.el8_6.x86_64.rpm
kernelx86_64372.19.1.el8_6kernel-4.18.0-372.19.1.el8_6.x86_64.rpm
kernel-abi-stablelistsnoarch372.19.1.el8_6kernel-abi-stablelists-4.18.0-372.19.1.el8_6.noarch.rpm
kernel-corex86_64372.19.1.el8_6kernel-core-4.18.0-372.19.1.el8_6.x86_64.rpm
kernel-cross-headersx86_64372.19.1.el8_6kernel-cross-headers-4.18.0-372.19.1.el8_6.x86_64.rpm
kernel-debugx86_64372.19.1.el8_6kernel-debug-4.18.0-372.19.1.el8_6.x86_64.rpm
kernel-debug-corex86_64372.19.1.el8_6kernel-debug-core-4.18.0-372.19.1.el8_6.x86_64.rpm
kernel-debug-develx86_64372.19.1.el8_6kernel-debug-devel-4.18.0-372.19.1.el8_6.x86_64.rpm
kernel-debug-modulesx86_64372.19.1.el8_6kernel-debug-modules-4.18.0-372.19.1.el8_6.x86_64.rpm
kernel-debug-modules-extrax86_64372.19.1.el8_6kernel-debug-modules-extra-4.18.0-372.19.1.el8_6.x86_64.rpm

Показывать по

Связанные CVE

CVE-2022-1012
CVE-2022-32250

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2022-5819

oracle-oval
больше 3 лет назад

ELSA-2022-5819: kernel security and bug fix update (IMPORTANT)

suse-cvrf логотип

SUSE-SU-2022:2172-1

suse-cvrf
больше 3 лет назад

Security update for the Linux Kernel

ubuntu логотип

CVE-2022-1012

CVSS3: 8.2
ubuntu
больше 3 лет назад

A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.

redhat логотип

CVE-2022-1012

CVSS3: 6.5
redhat
больше 3 лет назад

A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.

nvd логотип

CVE-2022-1012

CVSS3: 8.2
nvd
больше 3 лет назад

A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.