CLSA-2023-1693424916

netfilter: nftsetpipapo: fix improper element removal {CVE-2023-4004}
net: tun: fix bugs for oversize packet when napi frags enabled {CVE-2023-3812}
net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776}
net/sched: schqfq: account for stab overhead in qfqenqueue {CVE-2023-3611}
net/sched: sch_qfq: refactor parsing of netlink parameters
ipvlan:Fix out-of-bounds caused by unclear skb->cb {CVE-2023-3090}
media: saa7134: fix use after free bug in saa7134_finidev due to race condition {CVE-2023-35823}
media: dm1105: Fix use after free bug in dm1105_remove due to race condition {CVE-2023-35824}
memstick: r592: Fix UAF bug in r592_remove due to race condition {CVE-2023-3141}
ovl: fix use after free in struct ovlaioreq {CVE-2023-1252}
xen/netfront: don't use gnttabqueryforeign_access() for mapped status {CVE-2022-23037}
xen/netfront: react properly to failing gnttabendforeignaccessref() {CVE-2022-23042}
xen/netfront: don't trust the backend response data blindly
xen/netfront: disentangle txskbfreelist
xen: sync include/xen/interface/io/ring.h with Xen's newest version
net/sched: flower: fix possible OOB write in flsetgeneve_opt() {CVE-2023-35788}
rds: rdsrmzerocopycallback() use listfirst_entry() {CVE-2023-1078}
misc: sgi-gru: fix use-after-free error in grusetcontextoption, grufault and gruhandleusercallos {CVE-2022-3424}
NFSD: Cap rsize_bop result based on send buffer size {CVE-2022-43945}
NFSD: Protect against send buffer overflow in NFSv3 READ {CVE-2022-43945}
NFSD: Protect against send buffer overflow in NFSv2 READ {CVE-2022-43945}
SUNRPC: Fix svcxdrinitencode's buflen calculation {CVE-2022-43945}
SUNRPC: Fix svcxdrinitdecode's end-of-buffer calculation {CVE-2022-43945}
mm/mremap: hold the rmap lock in write mode when moving page table entries. {CVE-2022-39189}
KVM: x86: do not report a vCPU as preempted outside instruction boundaries {CVE-2022-39189}
net: tls: fix possible race condition between dotlsgetsockoptconf() and dotlssetsockoptconf() {CVE-2023-28466}
tee: handle lookup of shm with reference count 0 {CVE-2021-44733}

References

https://errata.cloudlinux.com/centos8.5-els/CLSA-2023-1693424916.html

Affected packages

TuxCare:CentOS:8.5

bpftool

Package

Name: bpftool
Purl: pkg:rpm/tuxcare/bpftool?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel

Package

Name: kernel
Purl: pkg:rpm/tuxcare/kernel?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-core

Package

Name: kernel-core
Purl: pkg:rpm/tuxcare/kernel-core?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-cross-headers

Package

Name: kernel-cross-headers
Purl: pkg:rpm/tuxcare/kernel-cross-headers?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-debug

Package

Name: kernel-debug
Purl: pkg:rpm/tuxcare/kernel-debug?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-debug-core

Package

Name: kernel-debug-core
Purl: pkg:rpm/tuxcare/kernel-debug-core?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-debug-devel

Package

Name: kernel-debug-devel
Purl: pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-debug-modules

Package

Name: kernel-debug-modules
Purl: pkg:rpm/tuxcare/kernel-debug-modules?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-debug-modules-extra

Package

Name: kernel-debug-modules-extra
Purl: pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-debug-modules-internal

Package

Name: kernel-debug-modules-internal
Purl: pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-devel

Package

Name: kernel-devel
Purl: pkg:rpm/tuxcare/kernel-devel?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-headers

Package

Name: kernel-headers
Purl: pkg:rpm/tuxcare/kernel-headers?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-ipaclones-internal

Package

Name: kernel-ipaclones-internal
Purl: pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-modules

Package

Name: kernel-modules
Purl: pkg:rpm/tuxcare/kernel-modules?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-modules-extra

Package

Name: kernel-modules-extra
Purl: pkg:rpm/tuxcare/kernel-modules-extra?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-modules-internal

Package

Name: kernel-modules-internal
Purl: pkg:rpm/tuxcare/kernel-modules-internal?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-selftests-internal

Package

Name: kernel-selftests-internal
Purl: pkg:rpm/tuxcare/kernel-selftests-internal?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-tools

Package

Name: kernel-tools
Purl: pkg:rpm/tuxcare/kernel-tools?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-tools-libs

Package

Name: kernel-tools-libs
Purl: pkg:rpm/tuxcare/kernel-tools-libs?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

kernel-tools-libs-devel

Package

Name: kernel-tools-libs-devel
Purl: pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

perf

Package

Name: perf
Purl: pkg:rpm/tuxcare/perf?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"

python3-perf

Package

Name: python3-perf
Purl: pkg:rpm/tuxcare/python3-perf?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els10

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2023-1693424916.json"