RLSA-2023:7548
Important: kernel-rt security update
Topic
An update is available for kernel-rt.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe (CVE-2023-2163)
* kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags (CVE-2023-3812)
* kernel: use after free in nvmet_tcp_free_crypto in NVMe (CVE-2023-5178)
* kernel: use-after-free due to race condition occurring in dvb_register_device() (CVE-2022-45884)
* kernel: use-after-free due to race condition occurring in dvb_net.c (CVE-2022-45886)
* kernel: use-after-free due to race condition occurring in dvb_ca_en50221.c (CVE-2022-45919)
* kernel: use-after-free in smb2_is_status_io_timeout() (CVE-2023-1192)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Rocky Linux 8
SRPMs
- kernel-rt-0:4.18.0-513.9.1.rt7.311.el8_9.src.rpm
RPMs
- kernel-rt-0:4.18.0-513.9.1.rt7.311.el8_9.x86_64.rpm
- kernel-rt-core-0:4.18.0-513.9.1.rt7.311.el8_9.x86_64.rpm
- kernel-rt-debug-0:4.18.0-513.9.1.rt7.311.el8_9.x86_64.rpm
- kernel-rt-debug-core-0:4.18.0-513.9.1.rt7.311.el8_9.x86_64.rpm
- kernel-rt-debug-debuginfo-0:4.18.0-513.9.1.rt7.311.el8_9.x86_64.rpm
- kernel-rt-debug-devel-0:4.18.0-513.9.1.rt7.311.el8_9.x86_64.rpm
- kernel-rt-debuginfo-0:4.18.0-513.9.1.rt7.311.el8_9.x86_64.rpm
- kernel-rt-debuginfo-common-x86_64-0:4.18.0-513.9.1.rt7.311.el8_9.x86_64.rpm
- kernel-rt-debug-kvm-0:4.18.0-513.9.1.rt7.311.el8_9.x86_64.rpm
- kernel-rt-debug-modules-0:4.18.0-513.9.1.rt7.311.el8_9.x86_64.rpm
- kernel-rt-debug-modules-extra-0:4.18.0-513.9.1.rt7.311.el8_9.x86_64.rpm
- kernel-rt-devel-0:4.18.0-513.9.1.rt7.311.el8_9.x86_64.rpm
- kernel-rt-kvm-0:4.18.0-513.9.1.rt7.311.el8_9.x86_64.rpm
- kernel-rt-modules-0:4.18.0-513.9.1.rt7.311.el8_9.x86_64.rpm
- kernel-rt-modules-extra-0:4.18.0-513.9.1.rt7.311.el8_9.x86_64.rpm
Issued: 12/6/2023
Type: Security
Severity: Important
Affected Product
- Rocky Linux 8
Fixes
CVEs
References
- No references