Red Hat Security Advisory: kernel-rt security update
🔗 CVE IDs covered (22)
📋 Description
CVE-2022-3545 — kernel: nfp: use-after-free in area_cache_get() CVE-2022-41858 — kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip CVE-2022-50879 — kernel: objtool: Fix SEGFAULT CVE-2023-1192 — kernel: use-after-free in smb2_is_status_io_timeout() CVE-2023-2162 — kernel: UAF during login when accessing the shost ipaddress CVE-2023-2163 — kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe CVE-2023-2166 — kernel: NULL pointer dereference in can_rcv_filter CVE-2023-2176 — kernel: Slab-out-of-bound read in compare_netdev_and_ip CVE-2023-3567 — kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race CVE-2023-3777 — kernel: use-after-free in netfilter: nf_tables CVE-2023-4015 — kernel: use after free in nft_immediate_deactivate CVE-2023-4622 — kernel: use after free in unix_stream_sendpage CVE-2023-4623 — kernel: net/sched: sch_hfsc UAF CVE-2023-5717 — kernel: A heap out-of-bounds write when function perf_read_group is called and sibling_list is smaller than its child's sibling_list CVE-2023-6679 — kernel: NULL pointer dereference in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c CVE-2023-20569 — amd: Return Address Predictor vulnerability leading to information disclosure CVE-2023-38409 — kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment CVE-2023-39191 — kernel: eBPF: insufficient stack type checks in dynptr CVE-2023-40283 — kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c CVE-2023-45871 — kernel: IGB driver inadequate buffer size for frames larger than MTU CVE-2023-46813 — kernel: SEV-ES local priv escalation CVE-2023-52973 — kernel: vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
🔗 References (24)
- selfhttps://access.redhat.com/errata/RHSA-2024:0439
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2144379
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2154178
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2161310
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2187773
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2187813
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2187931
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2207625
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2221463
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2226783
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2230042
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2230094
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2231800
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2237750
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2237752
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2237757
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2237760
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2240249
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2244723
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2246944
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2246945
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2253986
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0439.json