Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2023:1470

Опубликовано: 06 апр. 2023
Источник: rocky
Оценка: Important

Описание

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744)

  • ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266)

  • kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Rocky Linux9.0 - zfcp: fix missing auto port scan and thus missing target ports (BZ#2127880)

  • Cgroups_v2, when creating new cgroup/container, resets the cpu affinity masks for all usr processes on the system. (BZ#2143766)

  • Rocky Linux9.0 - boot: Add secure boot trailer (BZ#2151528)

  • kernel-rt-debug: WARNING: possible circular locking dependency detected (&n->list_lock->&p->pi_lock->&lock->wait_lock) (BZ#2160614)

  • Support cpuset.sched_load_balance by changing default CPUset directory structure (BZ#2161105)

  • Rocky Linux9.0 - s390/kexec: fix ipl report address for kdump (BZ#2166903)

  • libgpiod doesn't seem to work with Interphase gpiochip (BZ#2166956)

  • Azure Rocky Linux9 scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM (BZ#2170227)

Enhancement(s):

  • IBM 9.2 FEAT: Upgrade the QETH driver to latest from upstream, e.g. kernel 6.0 (BZ#2166304)

  • Intel 9.2 FEAT SPR CPU: AMX: Improve the init_fpstate setup code (BZ#2168382)

Затронутые продукты

  • Rocky Linux 9

НаименованиеАрхитектураРелизRPM
bpftoolaarch64162.22.2.el9_1bpftool-5.14.0-162.22.2.el9_1.aarch64.rpm
kernelaarch64162.22.2.el9_1kernel-5.14.0-162.22.2.el9_1.aarch64.rpm
kernel-abi-stablelistsnoarch162.22.2.el9_1kernel-abi-stablelists-5.14.0-162.22.2.el9_1.noarch.rpm
kernel-coreaarch64162.22.2.el9_1kernel-core-5.14.0-162.22.2.el9_1.aarch64.rpm
kernel-debugaarch64162.22.2.el9_1kernel-debug-5.14.0-162.22.2.el9_1.aarch64.rpm
kernel-debug-coreaarch64162.22.2.el9_1kernel-debug-core-5.14.0-162.22.2.el9_1.aarch64.rpm
kernel-debug-modulesaarch64162.22.2.el9_1kernel-debug-modules-5.14.0-162.22.2.el9_1.aarch64.rpm
kernel-debug-modules-extraaarch64162.22.2.el9_1kernel-debug-modules-extra-5.14.0-162.22.2.el9_1.aarch64.rpm
kernel-modulesaarch64162.22.2.el9_1kernel-modules-5.14.0-162.22.2.el9_1.aarch64.rpm
kernel-modules-extraaarch64162.22.2.el9_1kernel-modules-extra-5.14.0-162.22.2.el9_1.aarch64.rpm

Показывать по

Связанные CVE

CVE-2022-4269
CVE-2022-4744
CVE-2023-0266

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2023-1470

oracle-oval
около 2 лет назад

ELSA-2023-1470: kernel security, bug fix, and enhancement update (IMPORTANT)

rocky логотип

RLSA-2023:1566

rocky
около 2 лет назад

Important: kernel security, bug fix, and enhancement update

oracle-oval логотип

ELSA-2023-1566

oracle-oval
около 2 лет назад

ELSA-2023-1566: kernel security, bug fix, and enhancement update (IMPORTANT)

ubuntu логотип

CVE-2022-4269

CVSS3: 5.5
ubuntu
больше 2 лет назад

A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.

redhat логотип

CVE-2022-4269

CVSS3: 5.5
redhat
больше 2 лет назад

A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.