ALSA-2023:3708

[ALSA-2023:3708] Important: kernel-rt security and bug fix update

Type:

security

Severity:

important

Release date:

2023-07-11

Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events (CVE-2023-2235)
* kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation (CVE-2023-32233)
* Kernel: bluetooth: Unauthorized management command execution (CVE-2023-2002)
* kernel: OOB access in the Linux kernel's XFS subsystem (CVE-2023-2124)
* kernel: i2c: out-of-bounds write in xgene_slimpro_i2c_xfer() (CVE-2023-2194)
* kernel: tls: race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer dereference (CVE-2023-28466)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* [RT] Single Node Openshift cluster becomes unreachable after running less than 2 hours (BZ#2186853)
* kernel-rt: update RT source tree to the latest AlmaLinux-9.2.z1 Batch (BZ#2188313)

References:

Updated packages listed below:

Architecture	Package	Checksum
x86_64	kernel-rt-debug-modules-extra-5.14.0-284.18.1.rt14.303.el9_2.x86_64.rpm	16ec2fce7651996f3a3de88c35365e8cb85d02913ecdb70ae090fac89c3a8333
x86_64	kernel-rt-kvm-5.14.0-284.18.1.rt14.303.el9_2.x86_64.rpm	1b545bc324b32b951e1808c52f3b76400c990f495307e608b0a9ff20c51a7759
x86_64	kernel-rt-debug-core-5.14.0-284.18.1.rt14.303.el9_2.x86_64.rpm	43910abc8c5ceb8086c12ea84d7faa21e41a1c73a6ac2cf98927abbb016294d3
x86_64	kernel-rt-debug-5.14.0-284.18.1.rt14.303.el9_2.x86_64.rpm	55d8a972ed02da85f322acb8c07ea1764256ce70ac411495f2a425a6bb2371fb
x86_64	kernel-rt-debug-devel-5.14.0-284.18.1.rt14.303.el9_2.x86_64.rpm	5627f33bd091366351ec1508a4cb43e28bbed408c0c0230e55d48a5344660f90
x86_64	kernel-rt-debug-modules-core-5.14.0-284.18.1.rt14.303.el9_2.x86_64.rpm	5a1fc4070e6c2156cbc052791691f7cd2dcd249233b090f060c785eb0ee32b40
x86_64	kernel-rt-devel-5.14.0-284.18.1.rt14.303.el9_2.x86_64.rpm	5c8a5bdac984f5eccb4da44be9c2ecd690ce8765873aa1d7ad2291f5118bc7be
x86_64	kernel-rt-modules-extra-5.14.0-284.18.1.rt14.303.el9_2.x86_64.rpm	7dbf6cf12b72317566adbe84dbed4bb9261db8cd106473d0e60b706dd3510e27
x86_64	kernel-rt-core-5.14.0-284.18.1.rt14.303.el9_2.x86_64.rpm	8dccf23c4bbcbf0383217e9d5a46bcc1a394c31482505d4ac3a909a33651850d
x86_64	kernel-rt-debug-kvm-5.14.0-284.18.1.rt14.303.el9_2.x86_64.rpm	ac7dd269912aa0d6634073a490d42aef9ab6a60192c39795326083eaf7e870c5
x86_64	kernel-rt-modules-5.14.0-284.18.1.rt14.303.el9_2.x86_64.rpm	af5489f0b6da033acabc0e4e8384c09bc488acc0a1a7444335aa73f04485c911
x86_64	kernel-rt-5.14.0-284.18.1.rt14.303.el9_2.x86_64.rpm	b4ccb088417921462101f49dc102d9f795b189a7b925c5da9f99e7e0a2af5ffb
x86_64	kernel-rt-modules-core-5.14.0-284.18.1.rt14.303.el9_2.x86_64.rpm	b6802bd377ce62531f9e273b5025b7f953adeba3caa0ece154c0349871bb1ee7
x86_64	kernel-rt-debug-modules-5.14.0-284.18.1.rt14.303.el9_2.x86_64.rpm	c393dc1e20d8d4b78e3446699cadee0cd3dcbfca79fa65a2cce8f0996c6a8415

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.