ALSA-2023:2951

[ALSA-2023:2951] Important: kernel security, bug fix, and enhancement update

Type:

security

Severity:

important

Release date:

2023-05-19

Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

The following packages have been upgraded to a later upstream version: kernel (4.18.0). (BZ#2122230, BZ#2122267)

Security Fix(es):

* use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)
* net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)
* hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch (CVE-2021-26341)
* malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655)
* when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds (CVE-2021-33656)
* possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)
* use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges (CVE-2022-1679)
* KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789)
* KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks (CVE-2022-2196)
* netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)
* race condition in xfrm_probe_algs can lead to OOB read/write (CVE-2022-3028)
* media: em28xx: initialize refcount before kref_get (CVE-2022-3239)
* race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522)
* memory leak in ipv6_renew_options() (CVE-2022-3524)
* data races around icsk->icsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)
* data races around sk->sk_prot (CVE-2022-3567)
* memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619)
* denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623)
* use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625)
* USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)
* Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707)
* l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference (CVE-2022-4129)
* igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets (CVE-2022-20141)
* Executable Space Protection Bypass (CVE-2022-25265)
* Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594)
* unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry (CVE-2022-39188)
* TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning (CVE-2022-39189)
* Report vmalloc UAF in dvb-core/dmxdev (CVE-2022-41218)
* u8 overflow problem in cfg80211_update_notlisted_nontrans() (CVE-2022-41674)
* use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)
* use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)
* BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (CVE-2022-42721)
* Denial of service in beacon protection for P2P-device (CVE-2022-42722)
* memory corruption in usbmon driver (CVE-2022-43750)
* NULL pointer dereference in traffic control subsystem (CVE-2022-47929)
* NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394)
* use-after-free caused by invalid pointer hostname in fs/cifs/connect.c (CVE-2023-1195)
* Soft lockup occurred during __page_mapcount (CVE-2023-1582)
* slab-out-of-bounds read vulnerabilities in cbq_classify (CVE-2023-23454)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

CVE-2021-26341
CVE-2021-33655
CVE-2021-33656
CVE-2022-1462
CVE-2022-1679
CVE-2022-1789
CVE-2022-20141
CVE-2022-2196
CVE-2022-25265
CVE-2022-2663
CVE-2022-3028
CVE-2022-30594
CVE-2022-3239
CVE-2022-3522
CVE-2022-3524
CVE-2022-3564
CVE-2022-3566
CVE-2022-3567
CVE-2022-3619
CVE-2022-3623
CVE-2022-3625
CVE-2022-3628
CVE-2022-3707
CVE-2022-39188
CVE-2022-39189
CVE-2022-41218
CVE-2022-4129
CVE-2022-41674
CVE-2022-42703
CVE-2022-42720
CVE-2022-42721
CVE-2022-42722
CVE-2022-43750
CVE-2022-47929
CVE-2023-0394
CVE-2023-0461
CVE-2023-1195
CVE-2023-1582
CVE-2023-23454
RHSA-2023:2951
ALSA-2023:2951

Updated packages listed below:

Architecture	Package	Checksum
aarch64	kernel-tools-libs-4.18.0-477.10.1.el8_8.aarch64.rpm	016e7733768a0c0b4339fd0a219cb2ff0dd4c0eec3792f508586f3c9baf53384
aarch64	kernel-4.18.0-477.10.1.el8_8.aarch64.rpm	145da58f49dfebafc25827a6244b357c4f670c6ca3b623e8c0c94d6b1c29f364
aarch64	kernel-modules-4.18.0-477.10.1.el8_8.aarch64.rpm	367d028573cc7a09760f4e9c5d1ab1cbf322199c8891c4a828470e5ad807b406
aarch64	perf-4.18.0-477.10.1.el8_8.aarch64.rpm	3efcd924d91b0f8c013496d314d7df96b868dd388246284470b07abe224e8435
aarch64	kernel-tools-4.18.0-477.10.1.el8_8.aarch64.rpm	4bdfb6ba909bde6f8e744111173202870357089aa6b518bb386e6965f70f1ecc
aarch64	kernel-debug-4.18.0-477.10.1.el8_8.aarch64.rpm	91ba20b465ebdbd21bc90e497ee9abcfc1bedba5f7da6f4a1f43ee8380a66f29
aarch64	kernel-devel-4.18.0-477.10.1.el8_8.aarch64.rpm	96ac43bbb968eec0bee11d1ba74e92e43d7f22c406a1d844f84fbdd8a93d1efa
aarch64	kernel-modules-extra-4.18.0-477.10.1.el8_8.aarch64.rpm	9776c721b9a2c8a2c22be479fc45d3bd8e3709fee6da002065bd37e331b209a1
aarch64	bpftool-4.18.0-477.10.1.el8_8.aarch64.rpm	ac6f5abd25119efee07ba6610e07e41cac712ad0a8cec5ea4c5581eea380e00d
aarch64	kernel-tools-libs-devel-4.18.0-477.10.1.el8_8.aarch64.rpm	b8fe8fef78de414b50e03c5b63c2b28f9a8b45f7cbac651289cf3aa78eb79ee1
aarch64	kernel-core-4.18.0-477.10.1.el8_8.aarch64.rpm	cfabd76ac00295fb6a3068f9576a6cace9b3dfe3dde9ac356e700c0700f147d7
aarch64	kernel-debug-devel-4.18.0-477.10.1.el8_8.aarch64.rpm	dfcff595edea44f2164c5b3147bf8c5ea914a5be6ad1e4895eafb31ce480edbd
aarch64	kernel-debug-modules-4.18.0-477.10.1.el8_8.aarch64.rpm	e53ed91fdc56bed2c86e3b84b6fc4c591851e3a27deaa32529204eca1b764b54
aarch64	kernel-debug-core-4.18.0-477.10.1.el8_8.aarch64.rpm	e934f0553427c51f4cc5730b02bf1f3dc898d3cbadb37da066f356a6fc5b4b47
aarch64	python3-perf-4.18.0-477.10.1.el8_8.aarch64.rpm	e97204320e8e2cd4f20e2c7708c9a69a559d158c0171d6aa59e22e1b19b31129
aarch64	kernel-cross-headers-4.18.0-477.10.1.el8_8.aarch64.rpm	f3469822e1a6dd782985f4ca335d64a438b13e89dd12204c041ba9415a5dcffc
aarch64	kernel-debug-modules-extra-4.18.0-477.10.1.el8_8.aarch64.rpm	f48c27d4a80783b628bbca7206e27a710675ad00e14a4092bd9fb519f8969edd
noarch	kernel-doc-4.18.0-477.10.1.el8_8.noarch.rpm	75389a66e4169b86b75fe5861813f34e7fda71bc6f1668b70f2ac886a19b8715
noarch	kernel-abi-stablelists-4.18.0-477.10.1.el8_8.noarch.rpm	a132b852616ce4cc0fe540f3a09bb63d91e09cce766084b2fc6cba39653bd08d
ppc64le	kernel-cross-headers-4.18.0-477.10.1.el8_8.ppc64le.rpm	146f4907edc9b4f8a400732bdb600f5048e1e4a07fa9dd0d32dc8d8f0faaac2f
ppc64le	kernel-debug-modules-extra-4.18.0-477.10.1.el8_8.ppc64le.rpm	2ab3d59bb713494ad8c18c6bdd144eb2c38882141d47429068e046b3ba801330
ppc64le	kernel-devel-4.18.0-477.10.1.el8_8.ppc64le.rpm	34bcec1bba34b45f9cfc0208b77dd143fb6a3bd482a229a2eee1251b34a965cb
ppc64le	python3-perf-4.18.0-477.10.1.el8_8.ppc64le.rpm	42f3baac2cd8e22881779c652eecc4a49ad45a641d8afa9335aab6add518aec2
ppc64le	perf-4.18.0-477.10.1.el8_8.ppc64le.rpm	4885cc8b67682c5a8a613cc24e71333051463f080467ae2ccee98119756eb5c7
ppc64le	kernel-tools-4.18.0-477.10.1.el8_8.ppc64le.rpm	4c5e2b17a579174be731075a0a610c7a952661db2409d053d4fd2e06b80e77ed
ppc64le	kernel-debug-modules-4.18.0-477.10.1.el8_8.ppc64le.rpm	4e8a80e43b4d63b9d8e5de452270b6f9821f20b2d0149f2af27d8bf1c3f5e42d
ppc64le	kernel-core-4.18.0-477.10.1.el8_8.ppc64le.rpm	521fc846070383783d38d8fbac5aa0d836bf6aad837af8365be20a89552f3851
ppc64le	kernel-4.18.0-477.10.1.el8_8.ppc64le.rpm	59dab9a20e56d5a4483d80408087972e14bff2f9b49ab8bb2faa737f90d9f117
ppc64le	kernel-debug-devel-4.18.0-477.10.1.el8_8.ppc64le.rpm	8dc5a4581673c2b8c87b639e9b3a44adb08e22ccb8e0c324e29384f114227406
ppc64le	kernel-tools-libs-devel-4.18.0-477.10.1.el8_8.ppc64le.rpm	957d1d62e108dadc9c6674a110970e3cc308d8c14d3645f4630d4439c882cc0d
ppc64le	kernel-tools-libs-4.18.0-477.10.1.el8_8.ppc64le.rpm	b82bce292f61ea12434a99ac706e36d763ac2b01f5fdd2e78f85dddae6cf7bba
ppc64le	bpftool-4.18.0-477.10.1.el8_8.ppc64le.rpm	c93a9e2e7ce33be69e30d0d84dec741df9712114a37009b366962764cbb2a03a
ppc64le	kernel-debug-4.18.0-477.10.1.el8_8.ppc64le.rpm	e2489f615c07abb37b9a51e839bddb0ebaabd1153d2acfe9740880625ac4d4d9
ppc64le	kernel-modules-extra-4.18.0-477.10.1.el8_8.ppc64le.rpm	e550ae638ce7511ee35509b0e484f31b1dbb8d2bfb74599ed0826004c972d3b4
ppc64le	kernel-modules-4.18.0-477.10.1.el8_8.ppc64le.rpm	e5dc196eea4af638c39bc4950f3aa7b8e36f2f3cf11cc9d945b8ee6b6085d968
ppc64le	kernel-debug-core-4.18.0-477.10.1.el8_8.ppc64le.rpm	ee4f6364b7aa972ed2aebce021319922a34b4419a5f1c51679895d065aa6a2bf
s390x	kernel-debug-modules-extra-4.18.0-477.10.1.el8_8.s390x.rpm	229a86d91fe4faadd6a7892339d67fab9860be1a19b14073984b4b4b4d984a4a
s390x	kernel-modules-extra-4.18.0-477.10.1.el8_8.s390x.rpm	273c6d417796bd5dc38da2c6afbac0974ee0cf054d82cc234fafc83bd96b4c5a
s390x	kernel-modules-4.18.0-477.10.1.el8_8.s390x.rpm	3bde0ae2e264670584edcd983463a9f7e26fe0108dfe69c5a37d0f8567294aec
s390x	kernel-zfcpdump-core-4.18.0-477.10.1.el8_8.s390x.rpm	48a01ccc2f460e0b9ab3da228cc63190cce8d1436100dcd97a4816761a2b3ef4
s390x	kernel-zfcpdump-devel-4.18.0-477.10.1.el8_8.s390x.rpm	493dd1d58b3632f6e6b836ff77b26e8ccbafcd1cdc6023466cbab61f9e89a348
s390x	kernel-zfcpdump-modules-4.18.0-477.10.1.el8_8.s390x.rpm	4aabda793769088630a384aa2bab58415e73f0c2312ec41f4f6ad3c57b63896b
s390x	kernel-debug-modules-4.18.0-477.10.1.el8_8.s390x.rpm	4de6775999540d17aa0422bebc2948d31803335be7fcc726b7e80901ce8c8cd5
s390x	perf-4.18.0-477.10.1.el8_8.s390x.rpm	598198a3d220e5c9f945be89cc269b7518d48b37552ad9dec6621bde84608f4a
s390x	kernel-4.18.0-477.10.1.el8_8.s390x.rpm	5e21354bf8e7472fcdcd7915a02db4ecff3c11fad363629dec4f1ab552816d5e
s390x	kernel-devel-4.18.0-477.10.1.el8_8.s390x.rpm	6f84fd89cbc96451502c9d56d567d049c65efd701067a3172cf395c90a6e73c9
s390x	kernel-tools-4.18.0-477.10.1.el8_8.s390x.rpm	9433f8f39c0b1b925104367305ebf396f9154cd409520dfc8da52827c0bc65c9
s390x	kernel-debug-devel-4.18.0-477.10.1.el8_8.s390x.rpm	99174a8b5246003f9f74a4ea7a06a1c9774d6519e70e3f7823ae37abd02bc874
s390x	kernel-zfcpdump-4.18.0-477.10.1.el8_8.s390x.rpm	a0610f54dca170e07eb5881ed85e3003cc359f1ac5413124c6f27f48409d313a
s390x	kernel-cross-headers-4.18.0-477.10.1.el8_8.s390x.rpm	d9dea8bd421516a7bb66b54c0fa30334c7c3d79ad52ac798dba399ef03588f13
s390x	kernel-zfcpdump-modules-extra-4.18.0-477.10.1.el8_8.s390x.rpm	dbf3cc5886d22844f8083bb12c7792a7cb83fd9048217889bef5ee8c1f59a736
s390x	kernel-debug-4.18.0-477.10.1.el8_8.s390x.rpm	dc873377e08afc7d6bda9de71fcb92455eb2d33ce62f6e4c7ce7ef563383a004
s390x	bpftool-4.18.0-477.10.1.el8_8.s390x.rpm	df7e5961c44a05d305b7f5b28b46039ed001d37cfe2369d04ff8049dfcd4d40e
s390x	python3-perf-4.18.0-477.10.1.el8_8.s390x.rpm	e13e5fea621fb5d685276d5fe8c0982249181410f4388c41411277abffc654a6
s390x	kernel-debug-core-4.18.0-477.10.1.el8_8.s390x.rpm	f101a58f99b9f15cf9dc3d7ca4595c4a530f58d6d7b14644eed8b7e82aec104f
s390x	kernel-core-4.18.0-477.10.1.el8_8.s390x.rpm	f5541ddfdf1e5084a5664f2b00b834e0984b4c5b12d534d5feed8c60ae8928b5
x86_64	kernel-modules-4.18.0-477.10.1.el8_8.x86_64.rpm	0882e8f0f7446d37b6addbeef3fe75e4052b8ec37e5b7548494e9bbe477f518e
x86_64	kernel-debug-4.18.0-477.10.1.el8_8.x86_64.rpm	11f193626be6593afaabfc52e1dfb839a6247e7ddc4c3cb78a33dac5acaa1ef1
x86_64	kernel-devel-4.18.0-477.10.1.el8_8.x86_64.rpm	181f3b111a76335d1280e1c1886d84c9c5896bad014cbd179c0f1130171e25a9
x86_64	python3-perf-4.18.0-477.10.1.el8_8.x86_64.rpm	45bf919ee28426c4f98d51a8b3937aacde383a2725d515675059ef998b99d64c
x86_64	kernel-tools-4.18.0-477.10.1.el8_8.x86_64.rpm	5faff99b53be8d2483ac8c9e3b6c546ab7926a395e63fad5fca68c967943e1fe
x86_64	kernel-cross-headers-4.18.0-477.10.1.el8_8.x86_64.rpm	667d695035fdf85d1ccfaa5fb7ebadaa550d7b50824e63a43b0f0cdfe5b0cedc
x86_64	kernel-debug-devel-4.18.0-477.10.1.el8_8.x86_64.rpm	7d8b436386ae3ffaf2ca6516e79ae6d86b6b093f80b94777e130ed528701e775
x86_64	kernel-core-4.18.0-477.10.1.el8_8.x86_64.rpm	82ad848179d3e99734ae444de19d79ae258d2f327ba6691ad76d8d64ca30ffa2
x86_64	bpftool-4.18.0-477.10.1.el8_8.x86_64.rpm	83b4a2fa3688f3848932713522ebfb3307e505604da47b8f5604dbfb5ba9e951
x86_64	kernel-tools-libs-devel-4.18.0-477.10.1.el8_8.x86_64.rpm	9554c90e78cec69edf62a1188c203e816cf19927d6bbb245e14e83292656bb91
x86_64	kernel-debug-core-4.18.0-477.10.1.el8_8.x86_64.rpm	9885d6a2bbdd79f40f4d2ad1ca75f89e299c47787a3ee86bfb456abd8c335ba7
x86_64	kernel-tools-libs-4.18.0-477.10.1.el8_8.x86_64.rpm	aa0cd03440ca32d400151d6b753176226f3526cda9bac8738deed8f9dcf3a373
x86_64	kernel-debug-modules-extra-4.18.0-477.10.1.el8_8.x86_64.rpm	aeed17fa745c8e199841b257b1aabdab24a29b8ef53eec8ac0438817f25cbd14
x86_64	kernel-modules-extra-4.18.0-477.10.1.el8_8.x86_64.rpm	c312898dc14c9e64784c49a7a71f5254ba5d0b935609226ea24ceca1a31a19be
x86_64	perf-4.18.0-477.10.1.el8_8.x86_64.rpm	e202f82f249e6df6decf255354d32e01614d3252ffb14aa083b21ff677a37ad5
x86_64	kernel-debug-modules-4.18.0-477.10.1.el8_8.x86_64.rpm	f757181dcc1ad8f26988cdfe78c84747f17d3c59a88b8ddb11579e32ee0e6a32
x86_64	kernel-4.18.0-477.10.1.el8_8.x86_64.rpm	f8895b3edc6e9e1f48d610e2688c3a555c2e64a49d1c038e58d3cbf31b4a29f8

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.