[ALSA-2023:2951] Important: kernel security, bug fix, and enhancement update
Type:
security
Severity:
important
Release date:
2023-05-19
Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel (4.18.0). (BZ#2122230, BZ#2122267) Security Fix(es): * use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564) * net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461) * hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch (CVE-2021-26341) * malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655) * when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds (CVE-2021-33656) * possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462) * use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges (CVE-2022-1679) * KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789) * KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks (CVE-2022-2196) * netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663) * race condition in xfrm_probe_algs can lead to OOB read/write (CVE-2022-3028) * media: em28xx: initialize refcount before kref_get (CVE-2022-3239) * race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522) * memory leak in ipv6_renew_options() (CVE-2022-3524) * data races around icsk->icsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566) * data races around sk->sk_prot (CVE-2022-3567) * memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619) * denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623) * use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625) * USB-accessible buffer overflow in brcmfmac (CVE-2022-3628) * Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707) * l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference (CVE-2022-4129) * igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets (CVE-2022-20141) * Executable Space Protection Bypass (CVE-2022-25265) * Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594) * unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry (CVE-2022-39188) * TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning (CVE-2022-39189) * Report vmalloc UAF in dvb-core/dmxdev (CVE-2022-41218) * u8 overflow problem in cfg80211_update_notlisted_nontrans() (CVE-2022-41674) * use-after-free related to leaf anon_vma double reuse (CVE-2022-42703) * use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720) * BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (CVE-2022-42721) * Denial of service in beacon protection for P2P-device (CVE-2022-42722) * memory corruption in usbmon driver (CVE-2022-43750) * NULL pointer dereference in traffic control subsystem (CVE-2022-47929) * NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394) * use-after-free caused by invalid pointer hostname in fs/cifs/connect.c (CVE-2023-1195) * Soft lockup occurred during __page_mapcount (CVE-2023-1582) * slab-out-of-bounds read vulnerabilities in cbq_classify (CVE-2023-23454) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 kernel-tools-libs-4.18.0-477.10.1.el8_8.aarch64.rpm 016e7733768a0c0b4339fd0a219cb2ff0dd4c0eec3792f508586f3c9baf53384
aarch64 kernel-4.18.0-477.10.1.el8_8.aarch64.rpm 145da58f49dfebafc25827a6244b357c4f670c6ca3b623e8c0c94d6b1c29f364
aarch64 kernel-modules-4.18.0-477.10.1.el8_8.aarch64.rpm 367d028573cc7a09760f4e9c5d1ab1cbf322199c8891c4a828470e5ad807b406
aarch64 perf-4.18.0-477.10.1.el8_8.aarch64.rpm 3efcd924d91b0f8c013496d314d7df96b868dd388246284470b07abe224e8435
aarch64 kernel-tools-4.18.0-477.10.1.el8_8.aarch64.rpm 4bdfb6ba909bde6f8e744111173202870357089aa6b518bb386e6965f70f1ecc
aarch64 kernel-debug-4.18.0-477.10.1.el8_8.aarch64.rpm 91ba20b465ebdbd21bc90e497ee9abcfc1bedba5f7da6f4a1f43ee8380a66f29
aarch64 kernel-devel-4.18.0-477.10.1.el8_8.aarch64.rpm 96ac43bbb968eec0bee11d1ba74e92e43d7f22c406a1d844f84fbdd8a93d1efa
aarch64 kernel-modules-extra-4.18.0-477.10.1.el8_8.aarch64.rpm 9776c721b9a2c8a2c22be479fc45d3bd8e3709fee6da002065bd37e331b209a1
aarch64 bpftool-4.18.0-477.10.1.el8_8.aarch64.rpm ac6f5abd25119efee07ba6610e07e41cac712ad0a8cec5ea4c5581eea380e00d
aarch64 kernel-tools-libs-devel-4.18.0-477.10.1.el8_8.aarch64.rpm b8fe8fef78de414b50e03c5b63c2b28f9a8b45f7cbac651289cf3aa78eb79ee1
aarch64 kernel-core-4.18.0-477.10.1.el8_8.aarch64.rpm cfabd76ac00295fb6a3068f9576a6cace9b3dfe3dde9ac356e700c0700f147d7
aarch64 kernel-debug-devel-4.18.0-477.10.1.el8_8.aarch64.rpm dfcff595edea44f2164c5b3147bf8c5ea914a5be6ad1e4895eafb31ce480edbd
aarch64 kernel-debug-modules-4.18.0-477.10.1.el8_8.aarch64.rpm e53ed91fdc56bed2c86e3b84b6fc4c591851e3a27deaa32529204eca1b764b54
aarch64 kernel-debug-core-4.18.0-477.10.1.el8_8.aarch64.rpm e934f0553427c51f4cc5730b02bf1f3dc898d3cbadb37da066f356a6fc5b4b47
aarch64 python3-perf-4.18.0-477.10.1.el8_8.aarch64.rpm e97204320e8e2cd4f20e2c7708c9a69a559d158c0171d6aa59e22e1b19b31129
aarch64 kernel-cross-headers-4.18.0-477.10.1.el8_8.aarch64.rpm f3469822e1a6dd782985f4ca335d64a438b13e89dd12204c041ba9415a5dcffc
aarch64 kernel-debug-modules-extra-4.18.0-477.10.1.el8_8.aarch64.rpm f48c27d4a80783b628bbca7206e27a710675ad00e14a4092bd9fb519f8969edd
noarch kernel-doc-4.18.0-477.10.1.el8_8.noarch.rpm 75389a66e4169b86b75fe5861813f34e7fda71bc6f1668b70f2ac886a19b8715
noarch kernel-abi-stablelists-4.18.0-477.10.1.el8_8.noarch.rpm a132b852616ce4cc0fe540f3a09bb63d91e09cce766084b2fc6cba39653bd08d
ppc64le kernel-cross-headers-4.18.0-477.10.1.el8_8.ppc64le.rpm 146f4907edc9b4f8a400732bdb600f5048e1e4a07fa9dd0d32dc8d8f0faaac2f
ppc64le kernel-debug-modules-extra-4.18.0-477.10.1.el8_8.ppc64le.rpm 2ab3d59bb713494ad8c18c6bdd144eb2c38882141d47429068e046b3ba801330
ppc64le kernel-devel-4.18.0-477.10.1.el8_8.ppc64le.rpm 34bcec1bba34b45f9cfc0208b77dd143fb6a3bd482a229a2eee1251b34a965cb
ppc64le python3-perf-4.18.0-477.10.1.el8_8.ppc64le.rpm 42f3baac2cd8e22881779c652eecc4a49ad45a641d8afa9335aab6add518aec2
ppc64le perf-4.18.0-477.10.1.el8_8.ppc64le.rpm 4885cc8b67682c5a8a613cc24e71333051463f080467ae2ccee98119756eb5c7
ppc64le kernel-tools-4.18.0-477.10.1.el8_8.ppc64le.rpm 4c5e2b17a579174be731075a0a610c7a952661db2409d053d4fd2e06b80e77ed
ppc64le kernel-debug-modules-4.18.0-477.10.1.el8_8.ppc64le.rpm 4e8a80e43b4d63b9d8e5de452270b6f9821f20b2d0149f2af27d8bf1c3f5e42d
ppc64le kernel-core-4.18.0-477.10.1.el8_8.ppc64le.rpm 521fc846070383783d38d8fbac5aa0d836bf6aad837af8365be20a89552f3851
ppc64le kernel-4.18.0-477.10.1.el8_8.ppc64le.rpm 59dab9a20e56d5a4483d80408087972e14bff2f9b49ab8bb2faa737f90d9f117
ppc64le kernel-debug-devel-4.18.0-477.10.1.el8_8.ppc64le.rpm 8dc5a4581673c2b8c87b639e9b3a44adb08e22ccb8e0c324e29384f114227406
ppc64le kernel-tools-libs-devel-4.18.0-477.10.1.el8_8.ppc64le.rpm 957d1d62e108dadc9c6674a110970e3cc308d8c14d3645f4630d4439c882cc0d
ppc64le kernel-tools-libs-4.18.0-477.10.1.el8_8.ppc64le.rpm b82bce292f61ea12434a99ac706e36d763ac2b01f5fdd2e78f85dddae6cf7bba
ppc64le bpftool-4.18.0-477.10.1.el8_8.ppc64le.rpm c93a9e2e7ce33be69e30d0d84dec741df9712114a37009b366962764cbb2a03a
ppc64le kernel-debug-4.18.0-477.10.1.el8_8.ppc64le.rpm e2489f615c07abb37b9a51e839bddb0ebaabd1153d2acfe9740880625ac4d4d9
ppc64le kernel-modules-extra-4.18.0-477.10.1.el8_8.ppc64le.rpm e550ae638ce7511ee35509b0e484f31b1dbb8d2bfb74599ed0826004c972d3b4
ppc64le kernel-modules-4.18.0-477.10.1.el8_8.ppc64le.rpm e5dc196eea4af638c39bc4950f3aa7b8e36f2f3cf11cc9d945b8ee6b6085d968
ppc64le kernel-debug-core-4.18.0-477.10.1.el8_8.ppc64le.rpm ee4f6364b7aa972ed2aebce021319922a34b4419a5f1c51679895d065aa6a2bf
s390x kernel-debug-modules-extra-4.18.0-477.10.1.el8_8.s390x.rpm 229a86d91fe4faadd6a7892339d67fab9860be1a19b14073984b4b4b4d984a4a
s390x kernel-modules-extra-4.18.0-477.10.1.el8_8.s390x.rpm 273c6d417796bd5dc38da2c6afbac0974ee0cf054d82cc234fafc83bd96b4c5a
s390x kernel-modules-4.18.0-477.10.1.el8_8.s390x.rpm 3bde0ae2e264670584edcd983463a9f7e26fe0108dfe69c5a37d0f8567294aec
s390x kernel-zfcpdump-core-4.18.0-477.10.1.el8_8.s390x.rpm 48a01ccc2f460e0b9ab3da228cc63190cce8d1436100dcd97a4816761a2b3ef4
s390x kernel-zfcpdump-devel-4.18.0-477.10.1.el8_8.s390x.rpm 493dd1d58b3632f6e6b836ff77b26e8ccbafcd1cdc6023466cbab61f9e89a348
s390x kernel-zfcpdump-modules-4.18.0-477.10.1.el8_8.s390x.rpm 4aabda793769088630a384aa2bab58415e73f0c2312ec41f4f6ad3c57b63896b
s390x kernel-debug-modules-4.18.0-477.10.1.el8_8.s390x.rpm 4de6775999540d17aa0422bebc2948d31803335be7fcc726b7e80901ce8c8cd5
s390x perf-4.18.0-477.10.1.el8_8.s390x.rpm 598198a3d220e5c9f945be89cc269b7518d48b37552ad9dec6621bde84608f4a
s390x kernel-4.18.0-477.10.1.el8_8.s390x.rpm 5e21354bf8e7472fcdcd7915a02db4ecff3c11fad363629dec4f1ab552816d5e
s390x kernel-devel-4.18.0-477.10.1.el8_8.s390x.rpm 6f84fd89cbc96451502c9d56d567d049c65efd701067a3172cf395c90a6e73c9
s390x kernel-tools-4.18.0-477.10.1.el8_8.s390x.rpm 9433f8f39c0b1b925104367305ebf396f9154cd409520dfc8da52827c0bc65c9
s390x kernel-debug-devel-4.18.0-477.10.1.el8_8.s390x.rpm 99174a8b5246003f9f74a4ea7a06a1c9774d6519e70e3f7823ae37abd02bc874
s390x kernel-zfcpdump-4.18.0-477.10.1.el8_8.s390x.rpm a0610f54dca170e07eb5881ed85e3003cc359f1ac5413124c6f27f48409d313a
s390x kernel-cross-headers-4.18.0-477.10.1.el8_8.s390x.rpm d9dea8bd421516a7bb66b54c0fa30334c7c3d79ad52ac798dba399ef03588f13
s390x kernel-zfcpdump-modules-extra-4.18.0-477.10.1.el8_8.s390x.rpm dbf3cc5886d22844f8083bb12c7792a7cb83fd9048217889bef5ee8c1f59a736
s390x kernel-debug-4.18.0-477.10.1.el8_8.s390x.rpm dc873377e08afc7d6bda9de71fcb92455eb2d33ce62f6e4c7ce7ef563383a004
s390x bpftool-4.18.0-477.10.1.el8_8.s390x.rpm df7e5961c44a05d305b7f5b28b46039ed001d37cfe2369d04ff8049dfcd4d40e
s390x python3-perf-4.18.0-477.10.1.el8_8.s390x.rpm e13e5fea621fb5d685276d5fe8c0982249181410f4388c41411277abffc654a6
s390x kernel-debug-core-4.18.0-477.10.1.el8_8.s390x.rpm f101a58f99b9f15cf9dc3d7ca4595c4a530f58d6d7b14644eed8b7e82aec104f
s390x kernel-core-4.18.0-477.10.1.el8_8.s390x.rpm f5541ddfdf1e5084a5664f2b00b834e0984b4c5b12d534d5feed8c60ae8928b5
x86_64 kernel-modules-4.18.0-477.10.1.el8_8.x86_64.rpm 0882e8f0f7446d37b6addbeef3fe75e4052b8ec37e5b7548494e9bbe477f518e
x86_64 kernel-debug-4.18.0-477.10.1.el8_8.x86_64.rpm 11f193626be6593afaabfc52e1dfb839a6247e7ddc4c3cb78a33dac5acaa1ef1
x86_64 kernel-devel-4.18.0-477.10.1.el8_8.x86_64.rpm 181f3b111a76335d1280e1c1886d84c9c5896bad014cbd179c0f1130171e25a9
x86_64 python3-perf-4.18.0-477.10.1.el8_8.x86_64.rpm 45bf919ee28426c4f98d51a8b3937aacde383a2725d515675059ef998b99d64c
x86_64 kernel-tools-4.18.0-477.10.1.el8_8.x86_64.rpm 5faff99b53be8d2483ac8c9e3b6c546ab7926a395e63fad5fca68c967943e1fe
x86_64 kernel-cross-headers-4.18.0-477.10.1.el8_8.x86_64.rpm 667d695035fdf85d1ccfaa5fb7ebadaa550d7b50824e63a43b0f0cdfe5b0cedc
x86_64 kernel-debug-devel-4.18.0-477.10.1.el8_8.x86_64.rpm 7d8b436386ae3ffaf2ca6516e79ae6d86b6b093f80b94777e130ed528701e775
x86_64 kernel-core-4.18.0-477.10.1.el8_8.x86_64.rpm 82ad848179d3e99734ae444de19d79ae258d2f327ba6691ad76d8d64ca30ffa2
x86_64 bpftool-4.18.0-477.10.1.el8_8.x86_64.rpm 83b4a2fa3688f3848932713522ebfb3307e505604da47b8f5604dbfb5ba9e951
x86_64 kernel-tools-libs-devel-4.18.0-477.10.1.el8_8.x86_64.rpm 9554c90e78cec69edf62a1188c203e816cf19927d6bbb245e14e83292656bb91
x86_64 kernel-debug-core-4.18.0-477.10.1.el8_8.x86_64.rpm 9885d6a2bbdd79f40f4d2ad1ca75f89e299c47787a3ee86bfb456abd8c335ba7
x86_64 kernel-tools-libs-4.18.0-477.10.1.el8_8.x86_64.rpm aa0cd03440ca32d400151d6b753176226f3526cda9bac8738deed8f9dcf3a373
x86_64 kernel-debug-modules-extra-4.18.0-477.10.1.el8_8.x86_64.rpm aeed17fa745c8e199841b257b1aabdab24a29b8ef53eec8ac0438817f25cbd14
x86_64 kernel-modules-extra-4.18.0-477.10.1.el8_8.x86_64.rpm c312898dc14c9e64784c49a7a71f5254ba5d0b935609226ea24ceca1a31a19be
x86_64 perf-4.18.0-477.10.1.el8_8.x86_64.rpm e202f82f249e6df6decf255354d32e01614d3252ffb14aa083b21ff677a37ad5
x86_64 kernel-debug-modules-4.18.0-477.10.1.el8_8.x86_64.rpm f757181dcc1ad8f26988cdfe78c84747f17d3c59a88b8ddb11579e32ee0e6a32
x86_64 kernel-4.18.0-477.10.1.el8_8.x86_64.rpm f8895b3edc6e9e1f48d610e2688c3a555c2e64a49d1c038e58d3cbf31b4a29f8
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.