
CVE-2023-4921

Published: 12/09/2023 Updated: 11/01/2024
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers a use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and the lack of error checking in agg_dequeue(). We recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.

Vulnerable Product

linux linux kernel

debian debian linux 10.0

Vendor Advisories

Synopsis: Important: kpatch-patch security update. Type/Severity: Security Advisory: Important. Topic: An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Produ ...
Synopsis: Important: kernel security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Securit ...
A flaw was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service (CVE-2023-3772). A use-after-free vulnerability in the Linux ke ...
The Stable channel is being updated to 1180599386 (Platform version: 15604450) for most ChromeOS devices and will be rolled out over the next few days. This build contains a number of bug fixes and security updates. If you find new issues, please let us know one of the following ways: File a bug Visit our ChromeOS commun ...
A flaw was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service (CVE-2023-3772). The upstream commit describes this issue as fo ...
A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_r ...
The upstream commit describes this issue as follows: The missing IP_SET_HASH_WITH_NET0 macro in ip_set_hash_netportnet can lead to the use of wrong `CIDR_POS(c)` for calculating array offsets, which can lead to integer underflow. As a result, it leads to slab out-of-bound access (CVE-2023-42753). A use-after-free vulnerability in the Linux kernel's ...
A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. When fw_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filt ...
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances. We recommend upgrading past commi ...
A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation. When route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbi ...