Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks
CVE-2022-2873
Zheyu Ma discovered that an out-of-bounds memory access flaw in the
Intel iSMT SMBus 20 host controller driver may result in denial of
service (system crash)
CVE-2022-3545
...
概要
Important: kernel security, bug fix, and enhancement update
タイプ/重大度
Security Advisory: Important
Red Hat Insights パッチ分析
このアドバイザリーの影響を受けるシステムを特定し、修正します。
影響を受けるシステムの表示
トピック
An update for kernel is now available ...
Synopsis
Important: kernel security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for kernel is now available for Red Hat Enterprise Linux 88 Extended Update SupportRed Hat Product Securit ...
Synopsis
Low: Logging Subsystem 5710 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Low
Topic
Low: Logging Subsystem 5710 - Red Hat OpenShift security updateRed Hat Product Security has rated this update as having a security impact of low A Common Vulnerability Scoring System (CVSS) base score, which gives a detaile ...
概要
Important: OpenShift Container Platform 411 low-latency extras update
タイプ/重大度
Security Advisory: Important
トピック
An update for cnf-tests-container, dpdk-base-container and performance-addon-operator-must-gather-rhel8-container is now available for Red Hat OpenShift Container Platform 411 Secondary scheduler builds ...
Synopsis
Important: kernel security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for kernel is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat Product Securit ...
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP) A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference A local user could use this flaw to potentially crash the system causing a denial of service (CVE-2022-4129)
In the Linux kernel before 616, a NULL pointer dereference bug ...
In the Linux kernel before 616, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands This affects qdisc_graft in net/sched/sch_apic (CVE-2022-47929)
A buffer ove ...
In the Linux kernel before 616, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands This affects qdisc_graft in net/sched/sch_apic (CVE-2022-47929)
In Linux ker ...
Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet protocol headers are all contained within the line ...
the return code of of tcf_classify is insufficiently validated before interpreting part of the result as a pointer in the network schedulers code ...
Vulmon