[CLSA-2023:1693426883] kernel: Fix of 20 CVEs
Type:
security
Severity:
Important
Release date:
2023-08-30
Description:
- netfilter: nft_set_pipapo: fix improper element removal {CVE-2023-4004} - net: tun: fix bugs for oversize packet when napi frags enabled {CVE-2023-3812} - net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776} - net/sched: sch_qfq: account for stab overhead in qfq_enqueue {CVE-2023-3611} - net/sched: sch_qfq: refactor parsing of netlink parameters - ipvlan:Fix out-of-bounds caused by unclear skb->cb {CVE-2023-3090} - media: saa7134: fix use after free bug in saa7134_finidev due to race condition {CVE-2023-35823} - media: dm1105: Fix use after free bug in dm1105_remove due to race condition {CVE-2023-35824} - memstick: r592: Fix UAF bug in r592_remove due to race condition {CVE-2023-3141} - ovl: fix use after free in struct ovl_aio_req {CVE-2023-1252} - xen/netfront: don't use gnttab_query_foreign_access() for mapped status {CVE-2022-23037} - xen/netfront: react properly to failing gnttab_end_foreign_access_ref() {CVE-2022-23042} - xen/netfront: don't trust the backend response data blindly {CVE-2022-23042} - xen/netfront: disentangle tx_skb_freelist {CVE-2022-23042} - xen: sync include/xen/interface/io/ring.h with Xen's newest version {CVE-2022-23042} - net/sched: flower: fix possible OOB write in fl_set_geneve_opt() {CVE-2023-35788} - rds: rds_rm_zerocopy_callback() use list_first_entry() {CVE-2023-1078} - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os {CVE-2022-3424} - mac80211: do not accept/forward invalid EAPOL frames {CVE-2020-26139} - bpf: Fix 32 bit src register truncation on div/mod {CVE-2021-3600} - NFSD: Cap rsize_bop result based on send buffer size {CVE-2022-43945} - NFSD: Protect against send buffer overflow in NFSv3 READ {CVE-2022-43945} - SUNRPC: Fix svcxdr_init_encode's buflen calculation {CVE-2022-43945} - KVM: x86: do not report a vCPU as preempted outside instruction boundaries {CVE-2022-39189} - net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() {CVE-2023-28466} - tee: handle lookup of shm with reference count 0 {CVE-2021-44733}
Updated packages:
  • bpftool-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:016f93cdfd4ca7ebef1fe3ffd3fe85624dc7e152
  • kernel-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:35438f04274e32280c379227a61a284eeb1320ab
  • kernel-core-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:e2a1288b3a064579102b4c492564525b13ad1e97
  • kernel-cross-headers-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:f1a2c5a1c17098c5daec7fa4b11930b2b03aab5e
  • kernel-debug-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:3b13cb5d74b549acc09105d38de5a7ebc76baa60
  • kernel-debug-core-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:db062f62e87da71c581c94d1afdf5a6ff3819694
  • kernel-debug-devel-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:373840779d74a800032066aed1a879e1019012c6
  • kernel-debug-modules-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:454af67efe68b4b4f9508fac5a8374ecbc981177
  • kernel-debug-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:231d921e2681558afd9d3eb3c983c239ca90e049
  • kernel-debug-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:f5e38404b82c406329c51280cf24f559da49f15a
  • kernel-devel-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:6dda63376f945ffb591641824a0db57910d68af8
  • kernel-headers-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:4bdf8d836767e4b3becd05e03943edfdc18a2ebe
  • kernel-ipaclones-internal-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:2b0d526fa9c9ee020d672a19a5e7905d8e97637d
  • kernel-modules-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:767b740fbe2e9ef58284151ae12ed79ae2f0060a
  • kernel-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:d480f4e88875ef20b61cb858a2734cda76299601
  • kernel-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:6a79f220681519f2679fd082e04865a1ffa3b83d
  • kernel-selftests-internal-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:cef53e211b66a5609fcc4fbf218a72bb14ae9363
  • kernel-tools-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:99c496a9390b20a57b976732df4f0625e65cc220
  • kernel-tools-libs-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:04a9dd5dfca2777e1727a2afeb40a06f876b1f09
  • kernel-tools-libs-devel-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:b2cc873de9f2bc6f6b68ef5e621506f94463f123
  • perf-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:5c0c487fab2c1b4f45ffc7d50dc99a7878329ab3
  • python3-perf-4.18.0-305.25.1.el8_4.tuxcare.els10.x86_64.rpm
    sha:3f5553375326c8edb2c7b8b76ec0d85cf1f881fa
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.