CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
94.8%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)
kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492)
kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fixes:
Power10 PMU fix for PM_CYC/PM_INST_CMPL ( kernel/perf) (BZ#2040665)
call traces and packet drops seen after changing mtu of ibmvnic interface. (ibmvnic/ P10/ Everglade) (BZ#2050679)
zfcp: fix failed recovery on gone remote port, non-NPIV FCP dev (BZ#2050739)
overlay mount fails with ELOOP (Too many levels of symbolic links) (BZ#2053030)
Host unable to automatically add namespaces belonging to a new ANA group (BZ#2055466)
scheduler updates and fixes [None8.4.0.z] (BZ#2056834)
nf_reinject calls nf_queue_entry_free on an already freed entry->state (BZ#2061445)
First Packet Latency impacted by mlx5 warning msg (BZ#2067992)
openvswitch connection tracking sends incorrect flow key for some upcalls (BZ#2068477)
Backport upstream rcu commits up to v5.10 (BZ#2069819)
Packages have been upgraded to a later upstream version: kernel (4.18.0) (BZ#2036932)
Enhancement:
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
94.8%