[RLSA-2023:0832] kernel security and bug fix update

Severity Important

Affected Packages 40

CVEs 3

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: mm/mremap.c use-after-free vulnerability (CVE-2022-41222)
kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945)
kernel: an out-of-bounds vulnerability in i2c-ismt driver (CVE-2022-2873)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105 ex_handler_fprestore+0x3f/0x50 (BZ#2134586)
Hardware error: RIP: copy_user_enhanced_fast_string+0xe (BZ#2137592)
Cannot trigger kernel dump using NMI on SNO node running PAO and RT kernel (BZ#2139580)
MEI support for Alder Lake-S (BZ#2141783)
Host Pod -> Cluster IP Service traffic (Pod Backend - Different Node) Flow Iperf Cannot Connect (BZ#2141959)
Rocky Linux8.7: Xorg cannot display resolution higher than 1024x768 on system using ast graphics driver (BZ#2149287)
Intel 8.7 Bug: OS doesn't boot when vmd and interrupt remapping are enabled (BZ#2149474)
i40e,iavf: SR-IOV VF devices send GARP with wrong MAC address (BZ#2149745)
Rocky Linux8.4 - boot: Add secure boot trailer (BZ#2151530)
error 524 from seccomp(2) when trying to load filter (BZ#2152138)
Workqueue: WQ_MEM_RECLAIM iscsi_ctrl_1:98 __iscsi_unbind_session scsi_transport_iscsi
Connectivity issue with vDPA driver (BZ#2152912)
High Load average due to cfs cpu throttling (BZ#2153108)
The "kernel BUG at mm/usercopy.c:103!" from BZ 2041529 is back on rhel-8.5 (BZ#2153230)
Rocky Linux8: tick storm on nohz (isolated) CPU cores (BZ#2153653)
kernel BUG: scheduling while atomic: crio/7295/0x00000002 (BZ#2154460)
Azure Rocky Linux 8 z-stream: Sometimes newly deployed VMs are not getting accelerated network during provisioning (BZ#2155272)
Azure: VM Deployment Failures Patch Request (BZ#2155280)
Azure vPCI Rocky Linux-8: add the support of multi-MSI (BZ#2155289)
MSFT MANA NET Patch Rocky Linux-8: Fix race on per-CQ variable napi_iperf panic fix (BZ#2155437)
GSS: OCP 4.10.30 node crash after ODF upgrade : unable to handle kernel NULL pointer dereference at 0000000000000000 : ceph_get_snap_realm+0x68/0xa0 ceph
Error in /usr/src/kernels/4.18.0-423.el8.x86_64/scripts/kernel-doc script causing irdma build to fail (BZ#2157905)
Rocky Linux8.8: Backport upstream patches to reduce memory cgroup memory consumption and OOM problem (BZ#2157922)
The 'date' command shows wrong time in nested KVM s390x guest (BZ#2158813)
ethtool -m results in an out-of-bounds slab write in the be2net driver (BZ#2160182)
(Redhat OpenShift)Error downloading big ZIP files inside pod on power OCP and pod getting restarted (BZ#2160221)
i40e/iavf: VF reset task fails "Never saw reset" with 5 second timeout per VF (BZ#2160460)
iavf: It takes long time to create multiple VF interfaces and the VF interface names are not consistent (BZ#2163257)

Package	Affected Version
pkg:rpm/rockylinux/python3-perf?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/python3-perf?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/perf?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/perf?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-tools?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-tools?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-tools-libs?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-tools-libs?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-tools-libs-devel?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-tools-libs-devel?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-modules?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-modules?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-modules-extra?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-modules-extra?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-headers?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-headers?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-doc?arch=noarch&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-devel?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-devel?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-debuginfo-common-aarch64?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-debug?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-debug?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-debug-modules?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-debug-modules?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-debug-modules-extra?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-debug-modules-extra?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-debug-devel?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-debug-devel?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-debug-core?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-debug-core?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-cross-headers?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-cross-headers?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-core?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-core?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/kernel-abi-stablelists?arch=noarch&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/bpftool?arch=x86_64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7
pkg:rpm/rockylinux/bpftool?arch=aarch64&distro=rockylinux-8.7	< 4.18.0-425.13.1.el8_7

ID

RLSA-2023:0832

Severity

important

URL

https://errata.rockylinux.org/RLSA-2023:0832

Published

2023-02-22T01:08:44
(19 months ago)

Modified

2023-02-22T01:10:34
(19 months ago)

Rights

Other Advisories

Source	# ID	URL
CVE	CVE-2022-2873	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2873
CVE	CVE-2022-41222	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41222
CVE	CVE-2022-43945	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43945
Bugzilla	2119048	https://bugzilla.redhat.com/show_bug.cgi?id=2119048
Bugzilla	2138818	https://bugzilla.redhat.com/show_bug.cgi?id=2138818
Bugzilla	2141752	https://bugzilla.redhat.com/show_bug.cgi?id=2141752
Self	RLSA-2023:0832	https://errata.rockylinux.org/RLSA-2023:0832

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/rockylinux/python3-perf?arch=x86_64&distro=rockylinux-8.7	rockylinux	python3-perf	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/python3-perf?arch=aarch64&distro=rockylinux-8.7	rockylinux	python3-perf	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/perf?arch=x86_64&distro=rockylinux-8.7	rockylinux	perf	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/perf?arch=aarch64&distro=rockylinux-8.7	rockylinux	perf	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-tools?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel-tools	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel-tools?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel-tools	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-tools-libs?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel-tools-libs	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel-tools-libs?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel-tools-libs	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-tools-libs-devel?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel-tools-libs-devel	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel-tools-libs-devel?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel-tools-libs-devel	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-modules?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel-modules	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel-modules?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel-modules	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-modules-extra?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel-modules-extra	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel-modules-extra?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel-modules-extra	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-headers?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel-headers	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel-headers?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel-headers	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-doc?arch=noarch&distro=rockylinux-8.7	rockylinux	kernel-doc	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	noarch
Affected	pkg:rpm/rockylinux/kernel-devel?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel-devel	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel-devel?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel-devel	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel-debuginfo-common-x86_64	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel-debuginfo-common-aarch64?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel-debuginfo-common-aarch64	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-debug?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel-debug	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel-debug?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel-debug	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-debug-modules?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel-debug-modules	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel-debug-modules?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel-debug-modules	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-debug-modules-extra?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel-debug-modules-extra	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel-debug-modules-extra?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel-debug-modules-extra	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-debug-devel?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel-debug-devel	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel-debug-devel?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel-debug-devel	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-debug-core?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel-debug-core	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel-debug-core?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel-debug-core	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-cross-headers?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel-cross-headers	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel-cross-headers?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel-cross-headers	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-core?arch=x86_64&distro=rockylinux-8.7	rockylinux	kernel-core	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/kernel-core?arch=aarch64&distro=rockylinux-8.7	rockylinux	kernel-core	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/kernel-abi-stablelists?arch=noarch&distro=rockylinux-8.7	rockylinux	kernel-abi-stablelists	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	noarch
Affected	pkg:rpm/rockylinux/bpftool?arch=x86_64&distro=rockylinux-8.7	rockylinux	bpftool	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/bpftool?arch=aarch64&distro=rockylinux-8.7	rockylinux	bpftool	< 4.18.0-425.13.1.el8_7	rockylinux-8.7	aarch64

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date