ALSA-2023:4541

[ALSA-2023:4541] Important: kernel-rt security and bug fix update

Type:

security

Severity:

important

Release date:

2023-08-11

Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c (CVE-2022-42896)
* kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation (CVE-2023-1281)
* kernel: Use-after-free vulnerability in the Linux Kernel traffic control index filter (CVE-2023-1829)
* kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events (CVE-2023-2235)
* kernel: OOB access in the Linux kernel's XFS subsystem (CVE-2023-2124)
* kernel: i2c: out-of-bounds write in xgene_slimpro_i2c_xfer() (CVE-2023-2194)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
x86_64	kernel-rt-kvm-4.18.0-477.21.1.rt7.284.el8_8.x86_64.rpm	085baccbbf440d18fc292067e0b1f477b1276c07bd1ada31221215b4cf32be8a
x86_64	kernel-rt-modules-extra-4.18.0-477.21.1.rt7.284.el8_8.x86_64.rpm	267309dafa32787cdb9d9c01cfafadf1dc554302be8dcaf227ff397ef7915efc
x86_64	kernel-rt-debug-4.18.0-477.21.1.rt7.284.el8_8.x86_64.rpm	2d52c700e882ba87d358e529239cd64fa061dcd7b4e0b7ca621eeb0f213509e9
x86_64	kernel-rt-debug-kvm-4.18.0-477.21.1.rt7.284.el8_8.x86_64.rpm	35026768f838eb9f4b4ae98e02b208b873d2244a3762ca281783901ff03356b7
x86_64	kernel-rt-modules-4.18.0-477.21.1.rt7.284.el8_8.x86_64.rpm	430ba616092669db6109661dcc988f197e19def8cdd72521c4489b7d33e2fb1b
x86_64	kernel-rt-devel-4.18.0-477.21.1.rt7.284.el8_8.x86_64.rpm	54b7f4afccda658179f9caf37df211662eb8bc6c300d10a013524bff01e6751f
x86_64	kernel-rt-debug-core-4.18.0-477.21.1.rt7.284.el8_8.x86_64.rpm	7f370cbb929766fc56ab0a5cb1a99c4a5eaf146d6a932a32444303b9b2ae1898
x86_64	kernel-rt-debug-modules-4.18.0-477.21.1.rt7.284.el8_8.x86_64.rpm	80abab06c01704fe7615056c6c72e059fc049cb62c7a69195d90f1eeb071a546
x86_64	kernel-rt-debug-devel-4.18.0-477.21.1.rt7.284.el8_8.x86_64.rpm	9f33b85e697118741633d3e5ee44f1b790dc896e6818e8cbee8f8f13547caed0
x86_64	kernel-rt-core-4.18.0-477.21.1.rt7.284.el8_8.x86_64.rpm	d2afcf39efcf6393ba10fa4d0215247b2a6f8e734b8c86183bd3b718ebbb7eb0
x86_64	kernel-rt-4.18.0-477.21.1.rt7.284.el8_8.x86_64.rpm	e0f236b7f2b7d8d78289559efd403d8a415a405988a6c036897e498d5410c7e5
x86_64	kernel-rt-debug-modules-extra-4.18.0-477.21.1.rt7.284.el8_8.x86_64.rpm	ea23f55bcfd6d268417170938b5b722bff5ff585dc48756e5b025038a9a6f95e

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.