Scientific Linux alert SLSA-2023:4819-1 (kernel)
| From: | Farhan Ahmed <fahmed@fnal.gov> | |
| To: | scientific-linux-errata@listserv.fnal.gov | |
| Subject: | Security ERRATA Important: kernel on SL7.x x86_64 | |
| Date: | Wed, 30 Aug 2023 19:53:25 -0000 | |
| Message-ID: | <20230830195325.4121.48152@50523906fb6c> |
Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2023:4819-1 Issue Date: 2023-08-30 CVE Numbers: CVE-2023-35788 CVE-2023-20593 -- Security Fix(es): * kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() (CVE-2023-35788) * hw: amd: Cross-Process Information Leak (CVE-2023-20593) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * nf_conntrack causing nfs to stall * Request to backport upstream commit 5e2d2cc2588b, 26a8b12747c9, and e98fa02c4f2e for SL 7.9.z * Fix soft lockup happens in gfs2_dir_get_hash_table() -- SL7 x86_64 bpftool-3.10.0-1160.99.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.99.1.el7.x86_64.rpm kernel-3.10.0-1160.99.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.99.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.99.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.99.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.99.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.99.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.99.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.99.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.99.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.99.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.99.1.el7.x86_64.rpm perf-3.10.0-1160.99.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.99.1.el7.x86_64.rpm python-perf-3.10.0-1160.99.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.99.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.99.1.el7.x86_64.rpm noarch kernel-abi-whitelists-3.10.0-1160.99.1.el7.noarch.rpm kernel-doc-3.10.0-1160.99.1.el7.noarch.rpm - Scientific Linux Development Team