Red Hat Security Advisory: kernel security, bug fix, and enhancement update
🔗 CVE IDs covered (13)
📋 Description
CVE-2022-27672 — kernel: AMD: Cross-Thread Return Address Predictions CVE-2022-40982 — hw: Intel: Gather Data Sampling (GDS) side channel vulnerability CVE-2022-50042 — kernel: net: genl: fix error path memory leak in policy dumping CVE-2022-50645 — kernel: EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper() CVE-2023-3609 — kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails CVE-2023-3812 — kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags CVE-2023-4128 — kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route CVE-2023-4206 — kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route CVE-2023-4207 — kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route CVE-2023-4208 — kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route CVE-2023-5178 — kernel: use after free in nvmet_tcp_free_crypto in NVMe CVE-2023-42753 — kernel: netfilter: potential slab-out-of-bound access due to integer underflow CVE-2024-0443 — kernel: blkio memory leakage due to blkcg and some blkgs are not freed after they are made offline.
🔗 References (11)
- selfhttps://access.redhat.com/errata/RHSA-2023:7370
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://access.redhat.com/solutions/7027704
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2174765
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2223949
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2224048
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2225201
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2225511
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2239843
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2241924
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7370.json