Rocky Linux: RXSA-2024:1248 kernel security update
Summary
An update is available for kernel. This update affects Rocky Linux SIG Cloud 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: inactive elements in nft_pipapo_walk (CVE-2023-6817) * kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation (CVE-2024-0193) * kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (CVE-2024-0646) * kernel: Use-after-free in nft_verdict_dump due to a race between set GC and transaction (CVE-2023-4244) * kernel: A heap out-of-bounds write when function perf_read_group is called and sibling_list is smaller than its child's sibling_list (CVE-2023-5717) * kernel: NULL pointer dereference in nvmet_tcp_build_iovec (CVE-2023-6356) * kernel: NULL pointer dereference in nvmet_tcp_execute_request (CVE-2023-6535) * kernel: NULL pointer dereference in __nvmet_req_complete (CVE-2023-6536) * kernel: Out-Of-Bounds Read vulnerability in smbCalcSize (CVE-2023-6606) * kernel: OOB Access in smb2_dump_detail (CVE-2023-6610) * kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (CVE-2023-51042) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
RPMs
bpftool-0:7.2.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
bpftool-0:7.2.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
bpftool-debuginfo-0:7.2.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
bpftool-debuginfo-0:7.2.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-0:5.14.0-362.24.1.el9_3.cloud.0.6.src.rpm
kernel-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-abi-stablelists-0:5.14.0-362.24.1.el9_3.cloud.0.6.noarch.rpm
kernel-core-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-core-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-cross-headers-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-cross-headers-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-debug-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-debug-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-debug-core-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-debug-core-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-debug-debuginfo-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-debug-debuginfo-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-debug-devel-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-debug-devel-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-debug-devel-matched-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-debug-devel-matched-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-debuginfo-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-debuginfo-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-debug-modules-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-debug-modules-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-debug-modules-core-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-debug-modules-core-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-debug-modules-extra-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-debug-modules-extra-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-devel-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-devel-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-devel-matched-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-devel-matched-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-doc-0:5.14.0-362.24.1.el9_3.cloud.0.6.noarch.rpm
kernel-headers-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-headers-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-modules-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-modules-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-modules-core-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-modules-core-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-modules-extra-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-modules-extra-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-tools-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-tools-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-tools-debuginfo-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-tools-debuginfo-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-tools-libs-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-tools-libs-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
kernel-tools-libs-devel-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
kernel-tools-libs-devel-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
perf-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
perf-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
perf-debuginfo-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
perf-debuginfo-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
python3-perf-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
python3-perf-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
python3-perf-debuginfo-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
python3-perf-debuginfo-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
rtla-0:5.14.0-362.24.1.el9_3.cloud.0.6.aarch64.rpm
rtla-0:5.14.0-362.24.1.el9_3.cloud.0.6.x86_64.rpm
References
No References
CVEs
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4244
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51042
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5717
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6356
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6535
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6536
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6606
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6610
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6817
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0646
Fixes
https://bugzilla.redhat.com/show_bug.cgi?id=2235306
https://bugzilla.redhat.com/show_bug.cgi?id=2246945
https://bugzilla.redhat.com/show_bug.cgi?id=2253611
https://bugzilla.redhat.com/show_bug.cgi?id=2253614
https://bugzilla.redhat.com/show_bug.cgi?id=2253908
https://bugzilla.redhat.com/show_bug.cgi?id=2254052
https://bugzilla.redhat.com/show_bug.cgi?id=2254053
https://bugzilla.redhat.com/show_bug.cgi?id=2254054
https://bugzilla.redhat.com/show_bug.cgi?id=2255139
https://bugzilla.redhat.com/show_bug.cgi?id=2255653
https://bugzilla.redhat.com/show_bug.cgi?id=2259866