Release Info

Advisory: CLSA-2024:1715000749

OS: AlmaLinux 9.2 ESU

Public date: 2024-05-06 09:05:51

Project: kernel

Version: 7.0.0-284.11.1.el9_2.tuxcare.5.els3

Errata link: https://errata.tuxcare.com/els_os/almalinux9.2fips/CLSA-2024-1715000749.html

Changelog

- IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests {CVE-2023-52474} - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). {CVE-2023-4622} - sched/rt: pick_next_rt_entity(): check list_entry {CVE-2023-1077} - RDMA/irdma: Prevent zero-length STAG registration {CVE-2023-25775} - block: add check that partition length needs to be aligned with block size {CVE-2023-52458} - bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS {CVE-2024-26589} - bpf: fix check for attempt to corrupt spilled pointer {CVE-2023-52462} - KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache {CVE-2024-26598} - ext4: regenerate buddy after block freeing failed if under fc replay {CVE-2024-26601} - ext4: allow ext4_get_group_info() to fail {CVE-2024-26601} - mlxsw: spectrum_acl_tcam: Fix stack corruption {CVE-2024-26586} - EDAC/thunderx: Fix possible out-of-bounds string access {CVE-2023-52464} - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() {CVE-2023-52470} - drivers/amd/pm: fix a use-after-free in kv_parse_power_table {CVE-2023-52469} - md/raid5: fix atomicity violation in raid5_cache_count {CVE-2024-23307} - igb: set max size RX buffer when store bad packet is enabled {CVE-2023-45871} - netfilter: nft_set_rbtree: skip end interval element from gc {CVE-2024-26581} - netfilter: nf_tables: check if catch-all set element is active in next generation {CVE-2024-1085} - netfilter: nf_tables: skip set commit for deleted/destroyed sets {CVE-2024-0193} - netfilter: nft_set_pipapo: skip inactive elements during set walk {CVE-2023-6817} - netfilter: nf_tables: split async and sync catchall in two functions {CVE-2023-4244} - netfilter: nf_tables: remove catchall element in GC sync path {CVE-2023-4244} - netfilter: nf_tables: expose opaque set element as struct nft_elem_priv {CVE-2023-4244} - netfilter: nf_tables: set backend .flush always succeeds {CVE-2023-4244} - netfilter: nft_set_pipapo: no need to call pipapo_deactivate() from flush {CVE-2023-4244} - netfilter: nf_tables: work around newrule after chain binding {CVE-2023-4244} - netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure {CVE-2023-4244} - netfilter: nf_tables: fix memleak when more than 255 elements expired {CVE-2023-4244} - netfilter: nf_tables: disable toggling dormant table state more than once {CVE-2023-4244} - netfilter: nf_tables: disallow element removal on anonymous sets {CVE-2023-4244} - netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration {CVE-2023-4244} - netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails {CVE-2023-4244} - netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention {CVE-2023-4244} - netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC {CVE-2023-4244} - netfilter: nf_tables: disallow rule removal from chain binding {CVE-2023-4244} - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction {CVE-2023-4244} - netfilter: nf_tables: defer gc run if previous batch is still pending {CVE-2023-4244} - netfilter: nf_tables: fix out of memory error handling {CVE-2023-4244} - netfilter: nf_tables: use correct lock to protect gc_list {CVE-2023-4244} - netfilter: nf_tables: GC transaction race with abort path {CVE-2023-4244} - netfilter: nf_tables: flush pending destroy work before netlink notifier {CVE-2023-4244} - netfilter: nft_dynset: disallow object maps {CVE-2023-4244} - netfilter: nf_tables: GC transaction race with netns dismantle {CVE-2023-4244} - netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path {CVE-2023-4244} - netfilter: nf_tables: don't fail inserts if duplicate has expired {CVE-2023-4244} - netfilter: nf_tables: deactivate catchall elements in next generation {CVE-2023-4244} - netfilter: nf_tables: fix kdoc warnings after gc rework {CVE-2023-4244} - netfilter: nf_tables: fix false-positive lockdep splat {CVE-2023-4244} - netfilter: nf_tables: remove busy mark and gc batch API {CVE-2023-4244} - netfilter: nft_set_hash: mark set element as dead when deleting from packet path {CVE-2023-4244} - netfilter: nf_tables: adapt set backend to use GC transaction API {CVE-2023-4244} - netfilter: nft_set_rbtree: fix overlap expiration walk {CVE-2023-4244} - netfilter: nf_tables: GC transaction API to avoid race with control plane {CVE-2023-4244} - netfilter: nf_tables: don't skip expired elements during walk {CVE-2023-4244} - netfilter: nf_tables: skip bound chain in netns release path {CVE-2023-4244} - netfilter: nf_tables: fix spurious set element insertion failure {CVE-2023-4244} - netfilter: nf_tables: report use refcount overflow {CVE-2023-4244} - netfilter: nf_tables: fix underflow in chain reference counter {CVE-2023-4244} - netfilter: nf_tables: disallow timeout for anonymous sets {CVE-2023-4244} - netfilter: nf_tables: disallow updates of anonymous sets {CVE-2023-4244} - netfilter: nf_tables: reject unbound chain set before commit phase {CVE-2023-4244} - netfilter: nf_tables: reject unbound anonymous set before commit phase {CVE-2023-4244} - netfilter: nf_tables: disallow element updates of bound anonymous sets {CVE-2023-4244} - netfilter: nf_tables: fix underflow in object reference counter {CVE-2023-4244} - netfilter: nf_tables: drop map element references from preparation phase {CVE-2023-4244} - netfilter: nf_tables: validate variable length element extension {CVE-2023-4244} - netfilter: nft_set_pipapo: .walk does not deal with generations {CVE-2023-4244} - netfilter: nf_tables: relax set/map validation checks {CVE-2023-4244} - netfilter: nf_tables: integrate pipapo into commit protocol {CVE-2023-4244} - netfilter: nf_tables: upfront validation of data via nft_data_init() {CVE-2023-4244} - netfilter: nft_set_rbtree: fix null deref on element insertion - netfilter: nft_set_rbtree: Switch to node list walk for overlap detection - netfilter: nft_set_rbtree: skip elements in transaction from garbage collection - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR {CVE-2023-4015} - netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() {CVE-2023-7192} - Documentation/hw-vuln: Fix rST warning {CVE-2022-27672} - Documentation/hw-vuln: Add documentation for Cross-Thread Return Predictions {CVE-2022-27672} - KVM: x86: Mitigate the cross-thread return address predictions bug {CVE-2022-27672} - x86/speculation: Identify processors vulnerable to SMT RSB predictions {CVE-2022-27672} - uio: Fix use-after-free in uio_open {CVE-2023-52439} - gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump {CVE-2023-52448}

Update

Update command: dnf update kernel*

Packages list

bpftool-7.0.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-abi-stablelists-5.14.0-284.11.1.el9_2.tuxcare.5.els3.noarch.rpm kernel-core-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-cross-headers-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-debug-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-debug-core-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-debug-devel-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-debug-devel-matched-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-debug-modules-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-debug-modules-core-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-debug-modules-extra-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-debug-modules-internal-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-debug-modules-partner-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-debug-uki-virt-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-devel-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-devel-matched-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-doc-5.14.0-284.11.1.el9_2.tuxcare.5.els3.noarch.rpm kernel-headers-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-ipaclones-internal-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-modules-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-modules-core-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-modules-extra-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-modules-internal-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-modules-partner-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-selftests-internal-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-tools-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-tools-libs-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-tools-libs-devel-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm kernel-uki-virt-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm perf-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm python3-perf-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm rtla-5.14.0-284.11.1.el9_2.tuxcare.5.els3.x86_64.rpm

CVEs

CVE-2023-7192
CVE-2024-23307
CVE-2023-52464
CVE-2024-26601
CVE-2024-26586
CVE-2023-52458
CVE-2024-26581
CVE-2023-52470
CVE-2023-4244
CVE-2023-4015
CVE-2024-0193
CVE-2023-45871
CVE-2024-26589
CVE-2023-6817
CVE-2024-1085
CVE-2023-52439
CVE-2023-52462
CVE-2024-26598
CVE-2023-25775
CVE-2023-52448
CVE-2023-52469