ALSA-2024:0113
- Source
- https://errata.almalinux.org/8/ALSA-2024-0113.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:0113.json
- JSON Data
- https://api.osv.dev/v1/vulns/ALSA-2024:0113
- Related
- Published
- 2024-01-10T00:00:00Z
- Modified
- 2024-01-17T10:35:23Z
- Summary
- Important: kernel security update
- Details
-
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: use after free in unixstreamsendpage (CVE-2023-4622)
- kernel: vmwgfx: reference count issue leads to use-after-free in surface handling (CVE-2023-5633)
- kernel: netfilter: potential slab-out-of-bound access due to integer underflow (CVE-2023-42753)
- Kernel: UAF during login when accessing the shost ipaddress (CVE-2023-2162)
- hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Backport OVS l4 Symmetric Hashing to almalinux-8 (JIRA:AlmaLinux-12746)
- Unbounded memory usage by TCP for receive buffers (JIRA:AlmaLinux-15096)
- various kind of guests freeze on rhel 8.8 (JIRA:AlmaLinux-15121)
- AlmaLinux 8: netfilter: conntrack: Fix gre tunneling over ipv6 (JIRA:AlmaLinux-15259)
- NFSv4.1 needs to handle ENOENT error from GETDEVICEINFO (JIRA:AlmaLinux-16407)
- DM multipath showing failed path for an nvme-o-FC LUN when performing I/O operations (JIRA:AlmaLinux-14718)
- References
-
- https://access.redhat.com/errata/RHSA-2024:0113
- https://access.redhat.com/security/cve/CVE-2023-20569
- https://access.redhat.com/security/cve/CVE-2023-2162
- https://access.redhat.com/security/cve/CVE-2023-42753
- https://access.redhat.com/security/cve/CVE-2023-4622
- https://access.redhat.com/security/cve/CVE-2023-5633
- https://bugzilla.redhat.com/2187773
- https://bugzilla.redhat.com/2207625
- https://bugzilla.redhat.com/2237760
- https://bugzilla.redhat.com/2239843
- https://bugzilla.redhat.com/2245663
- https://errata.almalinux.org/8/ALSA-2024-0113.html
Affected packages
AlmaLinux:8 / bpftool
Package
- Name
- bpftool
AlmaLinux:8 / kernel
Package
- Name
- kernel
AlmaLinux:8 / kernel-abi-stablelists
Package
- Name
- kernel-abi-stablelists
AlmaLinux:8 / kernel-core
Package
- Name
- kernel-core
AlmaLinux:8 / kernel-cross-headers
Package
- Name
- kernel-cross-headers
AlmaLinux:8 / kernel-debug
Package
- Name
- kernel-debug
AlmaLinux:8 / kernel-debug-core
Package
- Name
- kernel-debug-core
AlmaLinux:8 / kernel-debug-devel
Package
- Name
- kernel-debug-devel
AlmaLinux:8 / kernel-debug-modules
Package
- Name
- kernel-debug-modules
AlmaLinux:8 / kernel-debug-modules-extra
Package
- Name
- kernel-debug-modules-extra
AlmaLinux:8 / kernel-devel
Package
- Name
- kernel-devel
AlmaLinux:8 / kernel-doc
Package
- Name
- kernel-doc
AlmaLinux:8 / kernel-modules
Package
- Name
- kernel-modules
AlmaLinux:8 / kernel-modules-extra
Package
- Name
- kernel-modules-extra
AlmaLinux:8 / kernel-tools
Package
- Name
- kernel-tools
AlmaLinux:8 / kernel-tools-libs
Package
- Name
- kernel-tools-libs
AlmaLinux:8 / kernel-tools-libs-devel
Package
- Name
- kernel-tools-libs-devel
AlmaLinux:8 / kernel-zfcpdump
Package
- Name
- kernel-zfcpdump
AlmaLinux:8 / kernel-zfcpdump-core
Package
- Name
- kernel-zfcpdump-core
AlmaLinux:8 / kernel-zfcpdump-devel
Package
- Name
- kernel-zfcpdump-devel
AlmaLinux:8 / kernel-zfcpdump-modules
Package
- Name
- kernel-zfcpdump-modules
AlmaLinux:8 / kernel-zfcpdump-modules-extra
Package
- Name
- kernel-zfcpdump-modules-extra
AlmaLinux:8 / perf
Package
- Name
- perf