Fedora Linux 8810 Published by

A kernel security update has been released for Fedora 37.



[SECURITY] Fedora 37 Update: kernel-6.5.6-100.fc37


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-50bd7c9c12
2023-10-10 01:32:45.619518
--------------------------------------------------------------------------------

Name : kernel
Product : Fedora 37
Version : 6.5.6
Release : 100.fc37
URL : https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------
Update Information:

The 6.5.6 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 6 2023 Augusto Caringi [acaringi@redhat.com] [6.5.6-0]
- power: supply: core: Use blocking_notifier_call_chain to avoid RCU complaint (Kai-Heng Feng)
- Revert "Add linux-next specific files for 20231004" (Justin M. Forbes)
- redhat/configs: enable missing Kconfig options for Qualcomm RideSX4 (Brian Masney)
- add a couple of CVEs to BugsFixed (Justin M. Forbes)
- Add another F39 FE bug to BugsFixed (Justin M. Forbes)
- Add linux-next specific files for 20231004 (Stephen Rothwell)
- common: aarch64: enable NXP Flex SPI (Peter Robinson)
- fedora: Switch TI_SCI_CLK and TI_SCI_PM_DOMAINS symbols to built-in (Javier Martinez Canillas)
- Add bug for amdgpu to BugsFixed for 6.5.6 (Justin M. Forbes)
- drm/amdgpu: set completion status as preempted for the resubmission (Jiadong Zhu)
- Add CVE-2023-42756 to BugsFixed for 6.5.6 (Justin M. Forbes)
- Linux v6.5.6
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2239845 - CVE-2023-42754 kernel: ipv4: NULL pointer dereference in ipv4_send_dest_unreach()
https://bugzilla.redhat.com/show_bug.cgi?id=2239845
[ 2 ] Bug #2239848 - CVE-2023-42756 kernel: netfilter: race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP
https://bugzilla.redhat.com/show_bug.cgi?id=2239848
[ 3 ] Bug #2242172 - CVE-2023-5345 kernel: use-after-free vulnerability in the smb client component
https://bugzilla.redhat.com/show_bug.cgi?id=2242172
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-50bd7c9c12' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------