|
|
Subscribe / Log in / New account

Red Hat alert RHSA-2023:7398-01 (kernel)

An update for kernel is now available for Red Hat Enterprise Linux 8.6
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

The kernel packages contain the Linux kernel, the core of any Linux operating
system.

Security Fix(es):

* kernel: net/sched: cls_u32 component reference counter leak if
tcf_change_indev() fails (CVE-2023-3609)

* kernel: net/sched: cls_fw component can be exploited as result of failure
in tcf_change_indev function (CVE-2023-3776)

* kernel: use-after-free due to race condition occurring in
dvb_register_device() (CVE-2022-45884)

* kernel: use-after-free due to race condition occurring in dvb_net.c
(CVE-2022-45886)

* kernel: use-after-free due to race condition occurring in dvb_ca_en50221.c
(CVE-2022-45919)

* Kernel: NULL pointer dereference problem in sctp_sched_dequeue_common
(CVE-2023-2177)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* LPAR is crashed by Phyp when doing DLPAR CPU operations (BZ#2193377)

* ibmvnic: NONFATAL reset causes dql BUG_ON crash (BZ#2236702)

* i40e: backport selected bugfixes (BZ#2238306)

* Random delay receiving packets after bringing up VLAN on top of VF with
vf-vlan-pruning enabled (BZ#2240752)

* sctp: fix hb_timer refresh for the pf state on transports (BZ#2245286)

* sctp: sysctl: make extra pointers netns aware (BZ#2245289)

This content is licensed under the Creative Commons Attribution 4.0
International License (https://creativecommons.org/licenses/by/4.0/). If you
distribute this content, or a modified version of it, you must provide
attribution to Red Hat Inc. and provide a link to the original.


Original: https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7398.json
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds