AlmaLinux 2325 Published by

A kernel-rt security and bug fix update has been released for AlmaLinux 9.



ALSA-2023:0979 Important: kernel-rt security and bug fix update


Type:
security

Severity:
important

Release date:
2023-02-28

Description
Security Fix(es):
* kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)
* kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)
* kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service attack (CVE-2022-4379)
* kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan (CVE-2023-0179)
* kernel: an out-of-bounds vulnerability in i2c-ismt driver (CVE-2022-2873)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* kernel-rt: update RT source tree to the latest AlmaLinux-9.1.z2 Batch (BZ#2160463)

References:
RHSA-2023:0979
CVE-2022-2873
CVE-2022-3564
CVE-2022-4378
CVE-2022-4379
CVE-2023-0179
ALSA-2023:0979

Updates packages:
kernel-rt-debug-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm
kernel-rt-debug-kvm-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm
kernel-rt-modules-extra-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm
kernel-rt-devel-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm
kernel-rt-debug-modules-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm
kernel-rt-debug-core-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm
kernel-rt-debug-modules-extra-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm
kernel-rt-debug-devel-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm
kernel-rt-core-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm
kernel-rt-modules-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm
kernel-rt-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm
kernel-rt-kvm-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2023:0979 Important: kernel-rt security and bug fix update