ALSA-2023:1584

[ALSA-2023:1584] Important: kernel-rt security and bug fix update

Type:

security

Severity:

important

Release date:

2023-09-15

Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)
* ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266)
* kernel: FUSE filesystem low-privileged user privileges escalation (CVE-2023-0386)
* kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* Lazy irq_work does not raise softirq on PREEMPT_RT [almalinux-8] (BZ#2172163)
* The latest AlmaLinux 8.7.z3 kernel changes need to be merged into the RT source tree to keep source parity between the two kernels. (BZ#2172278)

References:

Updated packages listed below:

Architecture	Package	Checksum
x86_64	kernel-rt-debug-modules-extra-4.18.0-425.19.2.rt7.230.el8_7.x86_64.rpm	04bea106ae741a75117e42b5320391fbc44998b21a1c9194d4ab3118692ff706
x86_64	kernel-rt-core-4.18.0-425.19.2.rt7.230.el8_7.x86_64.rpm	31b37e4e771b9e5083a48cebb309a5894f5bbbf12efd66645c6db544a9ddc52e
x86_64	kernel-rt-debug-4.18.0-425.19.2.rt7.230.el8_7.x86_64.rpm	36dfd8b17fefc10c9de844e2d082805452739dbe5c7c45906eaceb29b835de36
x86_64	kernel-rt-debug-kvm-4.18.0-425.19.2.rt7.230.el8_7.x86_64.rpm	498234dd65e3aa7374400599ae4c62e6540379524b1e6ebca0d2b5c3048924ea
x86_64	kernel-rt-devel-4.18.0-425.19.2.rt7.230.el8_7.x86_64.rpm	69c57c72bd22cb84a4648d095e755d8d29c809ab47214c73eebc393162860cdf
x86_64	kernel-rt-debug-core-4.18.0-425.19.2.rt7.230.el8_7.x86_64.rpm	6dc025557b3830c32f215be6ab4aa05990b3d82423f22a187fba6185e9b4ed4f
x86_64	kernel-rt-debug-devel-4.18.0-425.19.2.rt7.230.el8_7.x86_64.rpm	7859e91d5ec041c4f5d4e406a3e50d19baecf8258149c0d61632389ec7ffdddf
x86_64	kernel-rt-4.18.0-425.19.2.rt7.230.el8_7.x86_64.rpm	79548d3bc9456deabf5fbcd1fb6d30cb155a71ddb68939b349b36e5c78686288
x86_64	kernel-rt-modules-extra-4.18.0-425.19.2.rt7.230.el8_7.x86_64.rpm	81d65a0070b857bba89ddd4471d373fbba360de5a6821ac334429c340b6e78e7
x86_64	kernel-rt-kvm-4.18.0-425.19.2.rt7.230.el8_7.x86_64.rpm	9c263829e0c9626098ccdd8fc2a8926dd717ef6fdf47c05917878e3213caac82
x86_64	kernel-rt-modules-4.18.0-425.19.2.rt7.230.el8_7.x86_64.rpm	cbd2653eb32f47a0e8769e81c0f055b9b505bcb9c1c000bb5ab5e326ad07ffad
x86_64	kernel-rt-debug-modules-4.18.0-425.19.2.rt7.230.el8_7.x86_64.rpm	d6174c8d9904b369a5c2403c4f6be762746c884cbdebd30c61afe55819e7de05

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.