[Security Advisory] ALSA-2024:0113: kernel security update (Important)
Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 8 Type: Security Severity: Important Release date: 2024-01-17 Summary: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: use after free in unix_stream_sendpage (CVE-2023-4622) * kernel: vmwgfx: reference count issue leads to use-after-free in surface handling (CVE-2023-5633) * kernel: netfilter: potential slab-out-of-bound access due to integer underflow (CVE-2023-42753) * Kernel: UAF during login when accessing the shost ipaddress (CVE-2023-2162) * hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Backport OVS l4 Symmetric Hashing to almalinux-8 (JIRA:AlmaLinux-12746) * Unbounded memory usage by TCP for receive buffers (JIRA:AlmaLinux-15096) * various kind of guests freeze on rhel 8.8 (JIRA:AlmaLinux-15121) * AlmaLinux 8: netfilter: conntrack: Fix gre tunneling over ipv6 (JIRA:AlmaLinux-15259) * NFSv4.1 needs to handle ENOENT error from GETDEVICEINFO (JIRA:AlmaLinux-16407) * DM multipath showing failed path for an nvme-o-FC LUN when performing I/O operations (JIRA:AlmaLinux-14718) Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2024-0113.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team
participants (1)
-
AlmaLinux Errata Notifications