Release Info

- netfilter: nft_set_pipapo: fix improper element removal {CVE-2023-4004} - net: tun: fix bugs for oversize packet when napi frags enabled {CVE-2023-3812} - net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776} - net/sched: sch_qfq: account for stab overhead in qfq_enqueue {CVE-2023-3611} - net/sched: sch_qfq: refactor parsing of netlink parameters - ipvlan:Fix out-of-bounds caused by unclear skb->cb {CVE-2023-3090} - media: saa7134: fix use after free bug in saa7134_finidev due to race condition {CVE-2023-35823} - media: dm1105: Fix use after free bug in dm1105_remove due to race condition {CVE-2023-35824} - memstick: r592: Fix UAF bug in r592_remove due to race condition {CVE-2023-3141} - ovl: fix use after free in struct ovl_aio_req {CVE-2023-1252} - xen/netfront: don't use gnttab_query_foreign_access() for mapped status {CVE-2022-23037} - xen/netfront: react properly to failing gnttab_end_foreign_access_ref() {CVE-2022-23042} - xen/netfront: don't trust the backend response data blindly - xen/netfront: disentangle tx_skb_freelist - xen: sync include/xen/interface/io/ring.h with Xen's newest version - net/sched: flower: fix possible OOB write in fl_set_geneve_opt() {CVE-2023-35788} - rds: rds_rm_zerocopy_callback() use list_first_entry() {CVE-2023-1078} - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os {CVE-2022-3424} - NFSD: Cap rsize_bop result based on send buffer size {CVE-2022-43945} - NFSD: Protect against send buffer overflow in NFSv3 READ {CVE-2022-43945} - NFSD: Protect against send buffer overflow in NFSv2 READ {CVE-2022-43945} - SUNRPC: Fix svcxdr_init_encode's buflen calculation {CVE-2022-43945} - SUNRPC: Fix svcxdr_init_decode's end-of-buffer calculation {CVE-2022-43945} - mm/mremap: hold the rmap lock in write mode when moving page table entries. {CVE-2022-39189} - KVM: x86: do not report a vCPU as preempted outside instruction boundaries {CVE-2022-39189} - net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() {CVE-2023-28466} - tee: handle lookup of shm with reference count 0 {CVE-2021-44733}

Update command: dnf update kernel*

bpftool-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-core-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-cross-headers-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-debug-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-debug-core-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-debug-devel-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-debug-modules-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-debug-modules-extra-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-debug-modules-internal-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-devel-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-headers-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-ipaclones-internal-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-modules-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-modules-extra-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-modules-internal-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-selftests-internal-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-tools-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-tools-libs-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm kernel-tools-libs-devel-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm perf-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm python3-perf-4.18.0-348.7.1.el8_5.tuxcare.els10.x86_64.rpm