[RLSA-2023:0832] kernel security and bug fix update
An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: mm/mremap.c use-after-free vulnerability (CVE-2022-41222)
kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945)
kernel: an out-of-bounds vulnerability in i2c-ismt driver (CVE-2022-2873)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105 ex_handler_fprestore+0x3f/0x50 (BZ#2134586)
Hardware error: RIP: copy_user_enhanced_fast_string+0xe (BZ#2137592)
Cannot trigger kernel dump using NMI on SNO node running PAO and RT kernel (BZ#2139580)
MEI support for Alder Lake-S (BZ#2141783)
Host Pod -> Cluster IP Service traffic (Pod Backend - Different Node) Flow Iperf Cannot Connect (BZ#2141959)
Rocky Linux8.7: Xorg cannot display resolution higher than 1024x768 on system using ast graphics driver (BZ#2149287)
Intel 8.7 Bug: OS doesn't boot when vmd and interrupt remapping are enabled (BZ#2149474)
i40e,iavf: SR-IOV VF devices send GARP with wrong MAC address (BZ#2149745)
Rocky Linux8.4 - boot: Add secure boot trailer (BZ#2151530)
error 524 from seccomp(2) when trying to load filter (BZ#2152138)
Workqueue: WQ_MEM_RECLAIM iscsi_ctrl_1:98 __iscsi_unbind_session scsi_transport_iscsi
Connectivity issue with vDPA driver (BZ#2152912)
High Load average due to cfs cpu throttling (BZ#2153108)
The "kernel BUG at mm/usercopy.c:103!" from BZ 2041529 is back on rhel-8.5 (BZ#2153230)
Rocky Linux8: tick storm on nohz (isolated) CPU cores (BZ#2153653)
kernel BUG: scheduling while atomic: crio/7295/0x00000002 (BZ#2154460)
Azure Rocky Linux 8 z-stream: Sometimes newly deployed VMs are not getting accelerated network during provisioning (BZ#2155272)
Azure: VM Deployment Failures Patch Request (BZ#2155280)
Azure vPCI Rocky Linux-8: add the support of multi-MSI (BZ#2155289)
MSFT MANA NET Patch Rocky Linux-8: Fix race on per-CQ variable napi_iperf panic fix (BZ#2155437)
GSS: OCP 4.10.30 node crash after ODF upgrade : unable to handle kernel NULL pointer dereference at 0000000000000000 : ceph_get_snap_realm+0x68/0xa0 ceph
Error in /usr/src/kernels/4.18.0-423.el8.x86_64/scripts/kernel-doc script causing irdma build to fail (BZ#2157905)
Rocky Linux8.8: Backport upstream patches to reduce memory cgroup memory consumption and OOM problem (BZ#2157922)
The 'date' command shows wrong time in nested KVM s390x guest (BZ#2158813)
ethtool -m results in an out-of-bounds slab write in the be2net driver (BZ#2160182)
(Redhat OpenShift)Error downloading big ZIP files inside pod on power OCP and pod getting restarted (BZ#2160221)
i40e/iavf: VF reset task fails "Never saw reset" with 5 second timeout per VF (BZ#2160460)
iavf: It takes long time to create multiple VF interfaces and the VF interface names are not consistent (BZ#2163257)
- ID
- RLSA-2023:0832
- Severity
- important
- URL
- https://errata.rockylinux.org/RLSA-2023:0832
- Published
-
2023-02-22T01:08:44
(19 months ago) - Modified
-
2023-02-22T01:10:34
(19 months ago) - Rights
- Copyright 2024 Rocky Enterprise Software Foundation
- Other Advisories
-
- ALSA-2023:0334
- ALSA-2023:0832
- ALSA-2023:0951
- DSA-5324-1
- DSA-5730-1
- ELSA-2023-0334
- ELSA-2023-0832
- ELSA-2023-0951
- ELSA-2023-12160
- ELSA-2023-12199
- ELSA-2023-12200
- ELSA-2023-12206
- ELSA-2023-12207
- MS:CVE-2022-2873
- MS:CVE-2022-41222
- MS:CVE-2022-43945
- RHSA-2023:0300
- RHSA-2023:0334
- RHSA-2023:0348
- RHSA-2023:0832
- RHSA-2023:0839
- RHSA-2023:0854
- RHSA-2023:0951
- RHSA-2023:0979
- RLSA-2023:0334
- SSA:2022-237-02
- SSA:2022-333-01
- SUSE-SU-2022:3288-1
- SUSE-SU-2022:3293-1
- SUSE-SU-2022:3606-1
- SUSE-SU-2022:3607-1
- SUSE-SU-2022:3609-1
- SUSE-SU-2022:3648-1
- SUSE-SU-2022:3657-1
- SUSE-SU-2022:3704-1
- SUSE-SU-2022:3775-1
- SUSE-SU-2022:3809-1
- SUSE-SU-2022:4503-1
- SUSE-SU-2022:4504-1
- SUSE-SU-2022:4505-1
- SUSE-SU-2022:4506-1
- SUSE-SU-2022:4510-1
- SUSE-SU-2022:4513-1
- SUSE-SU-2022:4515-1
- SUSE-SU-2022:4516-1
- SUSE-SU-2022:4517-1
- SUSE-SU-2022:4518-1
- SUSE-SU-2022:4520-1
- SUSE-SU-2022:4527-1
- SUSE-SU-2022:4528-1
- SUSE-SU-2022:4533-1
- SUSE-SU-2022:4534-1
- SUSE-SU-2022:4539-1
- SUSE-SU-2022:4542-1
- SUSE-SU-2022:4543-1
- SUSE-SU-2022:4544-1
- SUSE-SU-2022:4545-1
- SUSE-SU-2022:4546-1
- SUSE-SU-2022:4550-1
- SUSE-SU-2022:4551-1
- SUSE-SU-2022:4559-1
- SUSE-SU-2022:4560-1
- SUSE-SU-2022:4561-1
- SUSE-SU-2022:4562-1
- SUSE-SU-2022:4566-1
- SUSE-SU-2022:4569-1
- SUSE-SU-2022:4572-1
- SUSE-SU-2022:4573-1
- SUSE-SU-2022:4574-1
- SUSE-SU-2022:4577-1
- SUSE-SU-2022:4580-1
- SUSE-SU-2022:4585-1
- SUSE-SU-2022:4587-1
- SUSE-SU-2022:4589-1
- SUSE-SU-2022:4595-1
- SUSE-SU-2022:4611-1
- SUSE-SU-2022:4613-1
- SUSE-SU-2022:4614-1
- SUSE-SU-2022:4615-1
- SUSE-SU-2022:4616-1
- SUSE-SU-2022:4617-1
- SUSE-SU-2023:2146-1
- SUSE-SU-2023:2148-1
- SUSE-SU-2023:2151-1
- SUSE-SU-2023:2162-1
- SUSE-SU-2023:2163-1
- SUSE-SU-2023:2232-1
- USN-5594-1
- USN-5599-1
- USN-5602-1
- USN-5616-1
- USN-5623-1
- USN-5728-1
- USN-5728-2
- USN-5728-3
- USN-5754-1
- USN-5754-2
- USN-5755-1
- USN-5755-2
- USN-5773-1
- USN-5779-1
- USN-5789-1
- USN-5794-1
- USN-5802-1
- USN-5804-1
- USN-5804-2
- USN-5808-1
- USN-5813-1
- USN-5829-1
- USN-5830-1
- USN-5861-1
- USN-5863-1
- USN-5875-1
- USN-5914-1
- USN-5918-1
Source | # ID | Name | URL |
---|---|---|---|
CVE | CVE-2022-2873 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2873 | |
CVE | CVE-2022-41222 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41222 | |
CVE | CVE-2022-43945 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43945 | |
Bugzilla | 2119048 | https://bugzilla.redhat.com/show_bug.cgi?id=2119048 | |
Bugzilla | 2138818 | https://bugzilla.redhat.com/show_bug.cgi?id=2138818 | |
Bugzilla | 2141752 | https://bugzilla.redhat.com/show_bug.cgi?id=2141752 | |
Self | RLSA-2023:0832 | https://errata.rockylinux.org/RLSA-2023:0832 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/rockylinux/python3-perf?arch=x86_64&distro=rockylinux-8.7 | rockylinux | python3-perf | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/python3-perf?arch=aarch64&distro=rockylinux-8.7 | rockylinux | python3-perf | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/perf?arch=x86_64&distro=rockylinux-8.7 | rockylinux | perf | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/perf?arch=aarch64&distro=rockylinux-8.7 | rockylinux | perf | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-tools?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel-tools | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel-tools?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel-tools | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-tools-libs?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel-tools-libs | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel-tools-libs?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel-tools-libs | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-tools-libs-devel?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel-tools-libs-devel | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel-tools-libs-devel?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel-tools-libs-devel | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-modules?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel-modules | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel-modules?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel-modules | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-modules-extra?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel-modules-extra | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel-modules-extra?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel-modules-extra | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-headers?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel-headers | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel-headers?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel-headers | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-doc?arch=noarch&distro=rockylinux-8.7 | rockylinux | kernel-doc | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | noarch | |
Affected | pkg:rpm/rockylinux/kernel-devel?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel-devel | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel-devel?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel-devel | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-debuginfo-common-x86_64?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel-debuginfo-common-x86_64 | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel-debuginfo-common-aarch64?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel-debuginfo-common-aarch64 | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-debug?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel-debug | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel-debug?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel-debug | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-debug-modules?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel-debug-modules | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel-debug-modules?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel-debug-modules | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-debug-modules-extra?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel-debug-modules-extra | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel-debug-modules-extra?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel-debug-modules-extra | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-debug-devel?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel-debug-devel | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel-debug-devel?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel-debug-devel | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-debug-core?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel-debug-core | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel-debug-core?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel-debug-core | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-cross-headers?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel-cross-headers | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel-cross-headers?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel-cross-headers | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-core?arch=x86_64&distro=rockylinux-8.7 | rockylinux | kernel-core | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/kernel-core?arch=aarch64&distro=rockylinux-8.7 | rockylinux | kernel-core | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 | |
Affected | pkg:rpm/rockylinux/kernel-abi-stablelists?arch=noarch&distro=rockylinux-8.7 | rockylinux | kernel-abi-stablelists | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | noarch | |
Affected | pkg:rpm/rockylinux/bpftool?arch=x86_64&distro=rockylinux-8.7 | rockylinux | bpftool | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | x86_64 | |
Affected | pkg:rpm/rockylinux/bpftool?arch=aarch64&distro=rockylinux-8.7 | rockylinux | bpftool | < 4.18.0-425.13.1.el8_7 | rockylinux-8.7 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |