OESA-2023-1210

Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1210
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2023-1210.json
JSON Data
https://api.osv.dev/v1/vulns/OESA-2023-1210
Published
2023-04-11T11:05:08Z
Modified
2025-09-03T06:18:14.070088Z
Summary
kernel security update
Details

The Linux Kernel, the operating system core itself.

Security Fix(es):

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.(CVE-2022-29901)

A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.(CVE-2022-4269)

A null pointer dereference issue was found in the unix protocol in net/unix/diag.c in Linux before 6.0. In unix_diag_get_exact, the newly allocated skb does not have sk, leading to null pointer. A local user could use this flaw to crash the system or potentially cause a denial of service.

Reference: https://lore.kernel.org/netdev/CAO4mrfdvyjFpokhNsiwZiP-wpdSD0AStcJwfKcKQdAALQ9_2Qw@mail.gmail.com/ https://lore.kernel.org/netdev/e04315e7c90d9a75613f3993c2baf2d344eef7eb.camel@redhat.com/ https://lore.kernel.org/netdev/20221127012412.37969-3-kuniyu@amazon.com/T/ (CVE-2023-28327)

Kernel: A denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c(CVE-2023-28328)

A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.(CVE-2023-1380)

A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.(CVE-2023-1513)

Database specific
{
    "severity": "High"
}

Affected packages

openEuler:22.03-LTS / kernel

Package

Name
kernel
Purl
pkg:rpm/openEuler/kernel&distro=openEuler-22.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.10.0-60.89.0.113.oe2203

Ecosystem specific

{
    "src": [
        "kernel-5.10.0-60.89.0.113.oe2203.src.rpm"
    ],
    "aarch64": [
        "bpftool-debuginfo-5.10.0-60.89.0.113.oe2203.aarch64.rpm",
        "perf-5.10.0-60.89.0.113.oe2203.aarch64.rpm",
        "python3-perf-debuginfo-5.10.0-60.89.0.113.oe2203.aarch64.rpm",
        "kernel-tools-debuginfo-5.10.0-60.89.0.113.oe2203.aarch64.rpm",
        "kernel-headers-5.10.0-60.89.0.113.oe2203.aarch64.rpm",
        "python3-perf-5.10.0-60.89.0.113.oe2203.aarch64.rpm",
        "kernel-tools-devel-5.10.0-60.89.0.113.oe2203.aarch64.rpm",
        "kernel-devel-5.10.0-60.89.0.113.oe2203.aarch64.rpm",
        "perf-debuginfo-5.10.0-60.89.0.113.oe2203.aarch64.rpm",
        "kernel-debuginfo-5.10.0-60.89.0.113.oe2203.aarch64.rpm",
        "kernel-debugsource-5.10.0-60.89.0.113.oe2203.aarch64.rpm",
        "bpftool-5.10.0-60.89.0.113.oe2203.aarch64.rpm",
        "kernel-source-5.10.0-60.89.0.113.oe2203.aarch64.rpm",
        "kernel-5.10.0-60.89.0.113.oe2203.aarch64.rpm",
        "kernel-tools-5.10.0-60.89.0.113.oe2203.aarch64.rpm"
    ],
    "x86_64": [
        "bpftool-debuginfo-5.10.0-60.89.0.113.oe2203.x86_64.rpm",
        "kernel-tools-5.10.0-60.89.0.113.oe2203.x86_64.rpm",
        "python3-perf-debuginfo-5.10.0-60.89.0.113.oe2203.x86_64.rpm",
        "kernel-tools-devel-5.10.0-60.89.0.113.oe2203.x86_64.rpm",
        "kernel-5.10.0-60.89.0.113.oe2203.x86_64.rpm",
        "python3-perf-5.10.0-60.89.0.113.oe2203.x86_64.rpm",
        "bpftool-5.10.0-60.89.0.113.oe2203.x86_64.rpm",
        "perf-debuginfo-5.10.0-60.89.0.113.oe2203.x86_64.rpm",
        "kernel-tools-debuginfo-5.10.0-60.89.0.113.oe2203.x86_64.rpm",
        "kernel-debuginfo-5.10.0-60.89.0.113.oe2203.x86_64.rpm",
        "kernel-headers-5.10.0-60.89.0.113.oe2203.x86_64.rpm",
        "kernel-debugsource-5.10.0-60.89.0.113.oe2203.x86_64.rpm",
        "kernel-source-5.10.0-60.89.0.113.oe2203.x86_64.rpm",
        "kernel-devel-5.10.0-60.89.0.113.oe2203.x86_64.rpm",
        "perf-5.10.0-60.89.0.113.oe2203.x86_64.rpm"
    ]
}