ALSA-2023:4517
See a problem?- Source
- https://errata.almalinux.org/8/ALSA-2023-4517.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:4517.json
- JSON Data
- https://api.osv.dev/v1/vulns/ALSA-2023:4517
- Related
- Published
- 2023-08-08T00:00:00Z
- Modified
- 2023-08-11T09:29:40Z
- Summary
- Important: kernel security and bug fix update
- Details
-
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: use-after-free in l2capconnect and l2capleconnectreq in net/bluetooth/l2cap_core.c (CVE-2022-42896)
- kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation (CVE-2023-1281)
- kernel: Use-after-free vulnerability in the Linux Kernel traffic control index filter (CVE-2023-1829)
- kernel: use-after-free vulnerability in the perfgroupdetach function of the Linux Kernel Performance Events (CVE-2023-2235)
- kernel: OOB access in the Linux kernel's XFS subsystem (CVE-2023-2124)
- kernel: i2c: out-of-bounds write in xgeneslimproi2c_xfer() (CVE-2023-2194)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- References
-
- https://access.redhat.com/errata/RHSA-2023:4517
- https://access.redhat.com/security/cve/CVE-2022-42896
- https://access.redhat.com/security/cve/CVE-2023-1281
- https://access.redhat.com/security/cve/CVE-2023-1829
- https://access.redhat.com/security/cve/CVE-2023-2124
- https://access.redhat.com/security/cve/CVE-2023-2194
- https://access.redhat.com/security/cve/CVE-2023-2235
- https://bugzilla.redhat.com/2147364
- https://bugzilla.redhat.com/2181847
- https://bugzilla.redhat.com/2187439
- https://bugzilla.redhat.com/2188396
- https://bugzilla.redhat.com/2188470
- https://bugzilla.redhat.com/2192589
- https://errata.almalinux.org/8/ALSA-2023-4517.html
Affected packages
AlmaLinux:8 / bpftool
Package
- Name
- bpftool
AlmaLinux:8 / kernel
Package
- Name
- kernel
AlmaLinux:8 / kernel-abi-stablelists
Package
- Name
- kernel-abi-stablelists
AlmaLinux:8 / kernel-core
Package
- Name
- kernel-core
AlmaLinux:8 / kernel-cross-headers
Package
- Name
- kernel-cross-headers
AlmaLinux:8 / kernel-debug
Package
- Name
- kernel-debug
AlmaLinux:8 / kernel-debug-core
Package
- Name
- kernel-debug-core
AlmaLinux:8 / kernel-debug-devel
Package
- Name
- kernel-debug-devel
AlmaLinux:8 / kernel-debug-modules
Package
- Name
- kernel-debug-modules
AlmaLinux:8 / kernel-debug-modules-extra
Package
- Name
- kernel-debug-modules-extra
AlmaLinux:8 / kernel-devel
Package
- Name
- kernel-devel
AlmaLinux:8 / kernel-doc
Package
- Name
- kernel-doc
AlmaLinux:8 / kernel-modules
Package
- Name
- kernel-modules
AlmaLinux:8 / kernel-modules-extra
Package
- Name
- kernel-modules-extra
AlmaLinux:8 / kernel-tools
Package
- Name
- kernel-tools
AlmaLinux:8 / kernel-tools-libs
Package
- Name
- kernel-tools-libs
AlmaLinux:8 / kernel-tools-libs-devel
Package
- Name
- kernel-tools-libs-devel
AlmaLinux:8 / kernel-zfcpdump
Package
- Name
- kernel-zfcpdump
AlmaLinux:8 / kernel-zfcpdump-core
Package
- Name
- kernel-zfcpdump-core
AlmaLinux:8 / kernel-zfcpdump-devel
Package
- Name
- kernel-zfcpdump-devel
AlmaLinux:8 / kernel-zfcpdump-modules
Package
- Name
- kernel-zfcpdump-modules
AlmaLinux:8 / kernel-zfcpdump-modules-extra
Package
- Name
- kernel-zfcpdump-modules-extra
AlmaLinux:8 / perf
Package
- Name
- perf