ALSA-2022:7933
- Source
- https://errata.almalinux.org/9/ALSA-2022-7933.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2022:7933.json
- Related
-
- CVE-2020-36516
- CVE-2021-3640
- CVE-2022-0168
- CVE-2022-0617
- CVE-2022-0854
- CVE-2022-1016
- CVE-2022-1048
- CVE-2022-1184
- CVE-2022-1280
- CVE-2022-1353
- CVE-2022-1679
- CVE-2022-1852
- CVE-2022-1998
- CVE-2022-20368
- CVE-2022-21123
- CVE-2022-21125
- CVE-2022-21166
- CVE-2022-21499
- CVE-2022-23816
- CVE-2022-23825
- CVE-2022-24448
- CVE-2022-2586
- CVE-2022-26373
- CVE-2022-2639
- CVE-2022-28390
- CVE-2022-28893
- CVE-2022-29581
- CVE-2022-29900
- CVE-2022-29901
- CVE-2022-36946
- CVE-2022-39190
- Published
- 2022-11-15T00:00:00Z
- Modified
- 2022-11-18T08:38:28Z
- Summary
- Moderate: kernel-rt security and bug fix update
- Details
-
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- off-path attacker may inject data or terminate victim's TCP session (CVE-2020-36516)
- use-after-free vulnerability in function scosocksendmsg() (CVE-2021-3640)
- smb2ioctlquery_info NULL pointer dereference (CVE-2022-0168)
- NULL pointer dereference in udfexpandfile_adinicbdue() during writeback (CVE-2022-0617)
- swiotlb information leak with DMAFROMDEVICE (CVE-2022-0854)
- uninitialized registers on stack in nftdochain can cause kernel pointer leakage to UM (CVE-2022-1016)
- race condition in sndpcmhw_free leading to use-after-free (CVE-2022-1048)
- use-after-free and memory errors in ext4 when mounting and operating on a corrupted image (CVE-2022-1184)
- concurrency use-after-free between drmsetmasterioctl and drmmodegetresources (CVE-2022-1280)
- kernel info leak issue in pfkey_register (CVE-2022-1353)
- use-after-free in ath9khtcprobe_device() could cause an escalation of privileges (CVE-2022-1679)
- NULL pointer dereference in x86emulateinsn may lead to DoS (CVE-2022-1852)
- fanotify misuses fd_install() which could lead to use-after-free (CVE-2022-1998)
- nf_tables cross-table potential use-after-free may lead to local privilege escalation (CVE-2022-2586)
- openvswitch: integer underflow leads to out-of-bounds write in reservesfasize() (CVE-2022-2639)
- slab-out-of-bounds access in packet_recvmsg() (CVE-2022-20368)
- incomplete clean-up of multi-core shared buffers (aka SBDR) (CVE-2022-21123)
- incomplete clean-up of microarchitectural fill buffers (aka SBDS) (CVE-2022-21125)
- incomplete clean-up in specific special register write operations (aka DRPW) (CVE-2022-21166)
- possible to use the debugger to write zero into a location of choice (CVE-2022-21499)
- AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-23816, CVE-2022-29900)
- AMD: Branch Type Confusion (non-retbleed) (CVE-2022-23825)
- Intel: Post-barrier Return Stack Buffer Predictions (CVE-2022-26373)
- double free in emsusbstartxmit in drivers/net/can/usb/emsusb.c (CVE-2022-28390)
- use after free in SUNRPC subsystem (CVE-2022-28893)
- use-after-free due to improper update of reference count in net/sched/cls_u32.c (CVE-2022-29581)
- Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-29901)
- DoS in nfqnlmangle in net/netfilter/nfnetlinkqueue.c (CVE-2022-36946)
- nf_tables disallow binding to already bound chain (CVE-2022-39190)
- nfsatomicopen() returns uninitialized data instead of ENOTDIR (CVE-2022-24448)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
- References
-
- https://access.redhat.com/errata/RHSA-2022:7933
- https://access.redhat.com/security/cve/CVE-2020-36516
- https://access.redhat.com/security/cve/CVE-2021-3640
- https://access.redhat.com/security/cve/CVE-2022-0168
- https://access.redhat.com/security/cve/CVE-2022-0617
- https://access.redhat.com/security/cve/CVE-2022-0854
- https://access.redhat.com/security/cve/CVE-2022-1016
- https://access.redhat.com/security/cve/CVE-2022-1048
- https://access.redhat.com/security/cve/CVE-2022-1184
- https://access.redhat.com/security/cve/CVE-2022-1280
- https://access.redhat.com/security/cve/CVE-2022-1353
- https://access.redhat.com/security/cve/CVE-2022-1679
- https://access.redhat.com/security/cve/CVE-2022-1852
- https://access.redhat.com/security/cve/CVE-2022-1998
- https://access.redhat.com/security/cve/CVE-2022-20368
- https://access.redhat.com/security/cve/CVE-2022-21123
- https://access.redhat.com/security/cve/CVE-2022-21125
- https://access.redhat.com/security/cve/CVE-2022-21166
- https://access.redhat.com/security/cve/CVE-2022-21499
- https://access.redhat.com/security/cve/CVE-2022-23816
- https://access.redhat.com/security/cve/CVE-2022-23825
- https://access.redhat.com/security/cve/CVE-2022-24448
- https://access.redhat.com/security/cve/CVE-2022-2586
- https://access.redhat.com/security/cve/CVE-2022-26373
- https://access.redhat.com/security/cve/CVE-2022-2639
- https://access.redhat.com/security/cve/CVE-2022-28390
- https://access.redhat.com/security/cve/CVE-2022-28893
- https://access.redhat.com/security/cve/CVE-2022-29581
- https://access.redhat.com/security/cve/CVE-2022-29900
- https://access.redhat.com/security/cve/CVE-2022-29901
- https://access.redhat.com/security/cve/CVE-2022-36946
- https://access.redhat.com/security/cve/CVE-2022-39190
- https://bugzilla.redhat.com/1980646
- https://bugzilla.redhat.com/2037386
- https://bugzilla.redhat.com/2051444
- https://bugzilla.redhat.com/2052312
- https://bugzilla.redhat.com/2053632
- https://bugzilla.redhat.com/2058395
- https://bugzilla.redhat.com/2059928
- https://bugzilla.redhat.com/2066614
- https://bugzilla.redhat.com/2066706
- https://bugzilla.redhat.com/2066819
- https://bugzilla.redhat.com/2070205
- https://bugzilla.redhat.com/2071022
- https://bugzilla.redhat.com/2073064
- https://bugzilla.redhat.com/2074208
- https://bugzilla.redhat.com/2084125
- https://bugzilla.redhat.com/2084183
- https://bugzilla.redhat.com/2084479
- https://bugzilla.redhat.com/2088021
- https://bugzilla.redhat.com/2089815
- https://bugzilla.redhat.com/2090226
- https://bugzilla.redhat.com/2090237
- https://bugzilla.redhat.com/2090240
- https://bugzilla.redhat.com/2090241
- https://bugzilla.redhat.com/2103148
- https://bugzilla.redhat.com/2103153
- https://bugzilla.redhat.com/2114878
- https://bugzilla.redhat.com/2115065
- https://bugzilla.redhat.com/2115278
- https://bugzilla.redhat.com/2123695
- https://bugzilla.redhat.com/2129152
- https://errata.almalinux.org/9/ALSA-2022-7933.html
Affected packages
AlmaLinux:9 / kernel-rt
Package
- Name
- kernel-rt
AlmaLinux:9 / kernel-rt-core
Package
- Name
- kernel-rt-core
AlmaLinux:9 / kernel-rt-debug
Package
- Name
- kernel-rt-debug
AlmaLinux:9 / kernel-rt-debug-core
Package
- Name
- kernel-rt-debug-core
AlmaLinux:9 / kernel-rt-debug-devel
Package
- Name
- kernel-rt-debug-devel
AlmaLinux:9 / kernel-rt-debug-kvm
Package
- Name
- kernel-rt-debug-kvm
AlmaLinux:9 / kernel-rt-debug-modules
Package
- Name
- kernel-rt-debug-modules
AlmaLinux:9 / kernel-rt-debug-modules-extra
Package
- Name
- kernel-rt-debug-modules-extra
AlmaLinux:9 / kernel-rt-devel
Package
- Name
- kernel-rt-devel
AlmaLinux:9 / kernel-rt-kvm
Package
- Name
- kernel-rt-kvm
AlmaLinux:9 / kernel-rt-modules
Package
- Name
- kernel-rt-modules