ALSA-2022:7110
- Source
- https://errata.almalinux.org/8/ALSA-2022-7110.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2022:7110.json
- JSON Data
- https://api.osv.dev/v1/vulns/ALSA-2022:7110
- Related
- Published
- 2022-10-25T00:00:00Z
- Modified
- 2022-10-27T09:56:48Z
- Summary
- Important: kernel security, bug fix, and enhancement update
- Details
-
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- A use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)
- Information leak in scsi_ioctl() (CVE-2022-0494)
- A kernel-info-leak issue in pfkey_register (CVE-2022-1353)
- RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-23816, CVE-2022-29900)
- Branch Type Confusion (non-retbleed) (CVE-2022-23825)
- RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-29901)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Add s390iommuaperture kernel parameter (BZ#2081324)
- Blackscreen and hangup after resume from hibernate or S3 with DFGX WX3200 (BZ#2091065)
- Update NVME subsystem with bug fixes and minor changes (BZ#2106017)
- Fix parsing of nw_proto for IPv6 fragments (BZ#2106703)
- "vmcore failed, _exitcode:139" error observed while capturing vmcore during fadump after memory remove. incomplete vmcore is captured. (BZ#2107488)
- 'disable_policy' is ignored for addresses configured on a down interface (BZ#2109971)
- Backport request for new cpufreq.default_governor kernel command line parameter (BZ#2109996)
- Panics in mpt3sas mpt3sashaltfirmware() if mpt3sasfwfaultdebug=1 enabled when poweroff issued to server (BZ#2111140)
- IOMMU/DMA update for 8.7 (BZ#2111692)
- Update Broadcom Emulex lpfc driver for AlmaLinux8.7 with bug fixes (14.0.0.13) (BZ#2112103)
- Incorrect Socket(s) & "Core(s) per socket" reported by lscpu command. (BZ#2112820)
- Panic in ch_release() due to NULL ch->device pointer, backport upstream fix (BZ#2115965)
- pyverbs-tests fail over qede IW HCAs on "testqueryrcqp" (tests.testqp.QPTest) (BZ#2119122)
- qedi shutdown handler hangs upon reboot (BZ#2119847)
- cache link_info for ethtool (BZ#2120197)
- Important iavf bug fixes (BZ#2120225)
- Hibernate crash with Aquantia 2.5/5 Gb LAN card (BZ#2124966)
- While using PTimekeeper the qede driver produces excessive log messages (BZ#2125477)
- general protection fault handling rpc_xprt.timer (BZ#2126184)
- Not enough device MSI-X vectors (BZ#2126482)
- Atlantic driver panic on wakeup after hybernate (BZ#2127845)
- Memory leak in vxlanxmitone (BZ#2131255)
- Missing hybernate/resume fixes (BZ#2131936)
Enhancement(s):
- Update smartpqi driver to latest upstream Second Set of Patches (BZ#2112354)
- qed/qede/qedr - driver updates to latest upstream (BZ#2120611)
- Update qedi driver to latest upstream (BZ#2120612)
- Update qedf driver to latest upstream (BZ#2120613)
- Include the support for new NVIDIA Mobile GFX GA103 on ADL Gen Laptops (BZ#2127122)
- Need to enable hpilo to support new HPE RL300 Gen11 for ARM (aarch64) (BZ#2129923)
- References
-
- https://access.redhat.com/errata/RHSA-2022:7110
- https://access.redhat.com/security/cve/CVE-2022-0494
- https://access.redhat.com/security/cve/CVE-2022-1353
- https://access.redhat.com/security/cve/CVE-2022-23816
- https://access.redhat.com/security/cve/CVE-2022-23825
- https://access.redhat.com/security/cve/CVE-2022-2588
- https://access.redhat.com/security/cve/CVE-2022-29900
- https://access.redhat.com/security/cve/CVE-2022-29901
- https://bugzilla.redhat.com/2039448
- https://bugzilla.redhat.com/2066819
- https://bugzilla.redhat.com/2090226
- https://bugzilla.redhat.com/2103148
- https://bugzilla.redhat.com/2103153
- https://bugzilla.redhat.com/2114849
- https://errata.almalinux.org/8/ALSA-2022-7110.html
Affected packages
AlmaLinux:8 / bpftool
Package
- Name
- bpftool
AlmaLinux:8 / kernel
Package
- Name
- kernel
AlmaLinux:8 / kernel-abi-stablelists
Package
- Name
- kernel-abi-stablelists
AlmaLinux:8 / kernel-core
Package
- Name
- kernel-core
AlmaLinux:8 / kernel-cross-headers
Package
- Name
- kernel-cross-headers
AlmaLinux:8 / kernel-debug
Package
- Name
- kernel-debug
AlmaLinux:8 / kernel-debug-core
Package
- Name
- kernel-debug-core
AlmaLinux:8 / kernel-debug-devel
Package
- Name
- kernel-debug-devel
AlmaLinux:8 / kernel-debug-modules
Package
- Name
- kernel-debug-modules
AlmaLinux:8 / kernel-debug-modules-extra
Package
- Name
- kernel-debug-modules-extra
AlmaLinux:8 / kernel-devel
Package
- Name
- kernel-devel
AlmaLinux:8 / kernel-doc
Package
- Name
- kernel-doc
AlmaLinux:8 / kernel-headers
Package
- Name
- kernel-headers
AlmaLinux:8 / kernel-modules
Package
- Name
- kernel-modules
AlmaLinux:8 / kernel-modules-extra
Package
- Name
- kernel-modules-extra
AlmaLinux:8 / kernel-tools
Package
- Name
- kernel-tools
AlmaLinux:8 / kernel-tools-libs
Package
- Name
- kernel-tools-libs
AlmaLinux:8 / kernel-tools-libs-devel
Package
- Name
- kernel-tools-libs-devel
AlmaLinux:8 / perf
Package
- Name
- perf