An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation (CVE-2023-32233) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * smpboot: Scheduler frequency invariance went wobbly, disabling! (BZ#2188316) * Crash: kernel BUG at kernel/locking/rtmutex.c:1338! (BZ#2188722) * kernel-rt: update RT source tree to the Rocky Linux-8.8.z0 source tree. (BZ#2196667)
kernel-rt-0:4.18.0-477.13.1.rt7.276.el8_8.src.rpm
kernel-rt-0:4.18.0-477.13.1.rt7.276.el8_8.x86_64.rpm
kernel-rt-core-0:4.18.0-477.13.1.rt7.276.el8_8.x86_64.rpm
kernel-rt-debug-0:4.18.0-477.13.1.rt7.276.el8_8.x86_64.rpm
kernel-rt-debug-core-0:4.18.0-477.13.1.rt7.276.el8_8.x86_64.rpm
kernel-rt-debug-debuginfo-0:4.18.0-477.13.1.rt7.276.el8_8.x86_64.rpm
kernel-rt-debug-devel-0:4.18.0-477.13.1.rt7.276.el8_8.x86_64.rpm
kernel-rt-debuginfo-0:4.18.0-477.13.1.rt7.276.el8_8.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.13.1.rt7.276.el8_8.x86_64.rpm
kernel-rt-debug-kvm-0:4.18.0-477.13.1.rt7.276.el8_8.x86_64.rpm
kernel-rt-debug-modules-0:4.18.0-477.13.1.rt7.276.el8_8.x86_64.rpm
kernel-rt-debug-modules-extra-0:4.18.0-477.13.1.rt7.276.el8_8.x86_64.rpm
kernel-rt-devel-0:4.18.0-477.13.1.rt7.276.el8_8.x86_64.rpm
kernel-rt-kvm-0:4.18.0-477.13.1.rt7.276.el8_8.x86_64.rpm
kernel-rt-modules-0:4.18.0-477.13.1.rt7.276.el8_8.x86_64.rpm
kernel-rt-modules-extra-0:4.18.0-477.13.1.rt7.276.el8_8.x86_64.rpm
No References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32233
https://bugzilla.redhat.com/show_bug.cgi?id=2196105