SCIENTIFIC-LINUX-ERRATA Archives

November 2023

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Important: kernel on SL7 srpm/x86_64
From:
Pat Riehecky <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Thu, 9 Nov 2023 16:05:30 -0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (43 lines) 
Red Hat Security Advisory: kernel security and bug fix update
Advisory ID:       SLSA-2023:5622
Issue Date:        2023-10-10
CVE Numbers:       CVE-2023-3609
                   CVE-2023-32233
                   CVE-2023-35001
--

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails (CVE-2023-3609)

* kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation (CVE-2023-32233)

* kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() (CVE-2023-35001)

Bug Fix(es):

* Low memory deadlock with md devices and external (imsm) metadata handling (BZ#1703180)

* cifs: memory leak in smb2_query_symlink (BZ#2166706)

* bnxt_en: panic in bnxt_tx_int Redux (BZ#2175062)

* NFS client loop in BIND_CONN_TO_SESSION (BZ#2219604)

---

This content is derived from https://access.redhat.com/errata/RHSA-2023:5622
--

SL7
  x86_64
    bpftool-0:3.10.0-1160.102.1.el7.x86_64
  srpm
    kernel-0:3.10.0-1160.102.1.el7.src
  noarch
    kernel-abi-whitelists-0:3.10.0-1160.102.1.el7.noarch

- Scientific Linux Development Team

ATOM RSS1 RSS2