Red Hat Security Advisory: kernel security, bug fix, and enhancement update
🔗 CVE IDs covered (21)
📋 Description
CVE-2022-40982 — hw: Intel: Gather Data Sampling (GDS) side channel vulnerability CVE-2022-45884 — kernel: use-after-free due to race condition occurring in dvb_register_device() CVE-2022-45886 — kernel: use-after-free due to race condition occurring in dvb_net.c CVE-2022-45919 — kernel: use-after-free due to race condition occurring in dvb_ca_en50221.c CVE-2022-50822 — kernel: Linux kernel: Memory leak in RDMA restrack leads to Denial of Service CVE-2023-1192 — kernel: use-after-free in smb2_is_status_io_timeout() CVE-2023-3609 — kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails CVE-2023-4128 — kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route CVE-2023-4206 — kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route CVE-2023-4207 — kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route CVE-2023-4208 — kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route CVE-2023-4732 — kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h CVE-2023-38409 — kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment CVE-2023-42753 — kernel: netfilter: potential slab-out-of-bound access due to integer underflow CVE-2023-52562 — kernel: mm/slab_common: slab_caches list corruption after kmem_cache_destroy() CVE-2023-53114 — kernel: i40e: Fix kernel crash during reboot when adapter is in recovery mode CVE-2023-53299 — kernel: md/raid10: fix leak of 'r10bio->remaining' for recovery CVE-2023-53620 — kernel: md: fix soft lockup in status_resync CVE-2023-53832 — kernel: md/raid10: fix null-ptr-deref in raid10_sync_request CVE-2023-54123 — kernel: Kernel: Denial of Service due to memory leak in RAID10 functionality CVE-2023-54294 — kernel: md/raid10: fix memleak of md thread
🔗 References (14)
- selfhttps://access.redhat.com/errata/RHSA-2023:7539
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://access.redhat.com/solutions/7027704
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2148510
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2148517
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2151956
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2154178
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2223949
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2225201
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2225511
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2230042
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2236982
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2239843
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7539.json