(RHSA-2023:7549) Important: kernel security and bug fix update

2023-11-2814:51:21

access.redhat.com

120

linux kernel

security fix

cve

bug fix

packet delay

hpe edgeline 920t

ice driver

intel iommu

7.7 High

AI Score

Confidence

Low

0.024 Low

EPSS

Percentile

90.1%

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe (CVE-2023-2163)
kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags (CVE-2023-3812)
kernel: use after free in nvmet_tcp_free_crypto in NVMe (CVE-2023-5178)
kernel: use-after-free due to race condition occurring in dvb_register_device() (CVE-2022-45884)
kernel: use-after-free due to race condition occurring in dvb_net.c (CVE-2022-45886)
kernel: use-after-free due to race condition occurring in dvb_ca_en50221.c (CVE-2022-45919)
kernel: use-after-free in smb2_is_status_io_timeout() (CVE-2023-1192)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

Random delay receiving packets after bringing up VLAN on top of VF with vf-vlan-pruning enabled (BZ#2240750)
bpf_jit_limit hit again (BZ#2243011)
HPE Edgeline 920t resets during kdump context when ice driver is loaded and when system is booted with intel_iommu=on iommu=pt (BZ#2244625)

OSVersionArchitecturePackageVersionFilename
RedHat8x86_64kernel-debug-devel< 4.18.0-513.9.1.el8_9kernel-debug-devel-4.18.0-513.9.1.el8_9.x86_64.rpm
RedHat8ppc64lebpftool-debuginfo< 4.18.0-513.9.1.el8_9bpftool-debuginfo-4.18.0-513.9.1.el8_9.ppc64le.rpm
RedHat8aarch64bpftool< 4.18.0-513.9.1.el8_9bpftool-4.18.0-513.9.1.el8_9.aarch64.rpm
RedHat8x86_64bpftool< 4.18.0-513.9.1.el8_9bpftool-4.18.0-513.9.1.el8_9.x86_64.rpm
RedHat8aarch64kernel-devel< 4.18.0-513.9.1.el8_9kernel-devel-4.18.0-513.9.1.el8_9.aarch64.rpm
RedHat8x86_64kernel-tools-debuginfo< 4.18.0-513.9.1.el8_9kernel-tools-debuginfo-4.18.0-513.9.1.el8_9.x86_64.rpm
RedHat8x86_64kernel-core< 4.18.0-513.9.1.el8_9kernel-core-4.18.0-513.9.1.el8_9.x86_64.rpm
RedHat8aarch64kernel-debuginfo-common-aarch64< 4.18.0-513.9.1.el8_9kernel-debuginfo-common-aarch64-4.18.0-513.9.1.el8_9.aarch64.rpm
RedHat8aarch64kernel-modules< 4.18.0-513.9.1.el8_9kernel-modules-4.18.0-513.9.1.el8_9.aarch64.rpm
RedHat8aarch64kernel-core< 4.18.0-513.9.1.el8_9kernel-core-4.18.0-513.9.1.el8_9.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	x86_64	kernel-debug-devel	< 4.18.0-513.9.1.el8_9	kernel-debug-devel-4.18.0-513.9.1.el8_9.x86_64.rpm
RedHat	8	ppc64le	bpftool-debuginfo	< 4.18.0-513.9.1.el8_9	bpftool-debuginfo-4.18.0-513.9.1.el8_9.ppc64le.rpm
RedHat	8	aarch64	bpftool	< 4.18.0-513.9.1.el8_9	bpftool-4.18.0-513.9.1.el8_9.aarch64.rpm
RedHat	8	x86_64	bpftool	< 4.18.0-513.9.1.el8_9	bpftool-4.18.0-513.9.1.el8_9.x86_64.rpm
RedHat	8	aarch64	kernel-devel	< 4.18.0-513.9.1.el8_9	kernel-devel-4.18.0-513.9.1.el8_9.aarch64.rpm
RedHat	8	x86_64	kernel-tools-debuginfo	< 4.18.0-513.9.1.el8_9	kernel-tools-debuginfo-4.18.0-513.9.1.el8_9.x86_64.rpm
RedHat	8	x86_64	kernel-core	< 4.18.0-513.9.1.el8_9	kernel-core-4.18.0-513.9.1.el8_9.x86_64.rpm
RedHat	8	aarch64	kernel-debuginfo-common-aarch64	< 4.18.0-513.9.1.el8_9	kernel-debuginfo-common-aarch64-4.18.0-513.9.1.el8_9.aarch64.rpm
RedHat	8	aarch64	kernel-modules	< 4.18.0-513.9.1.el8_9	kernel-modules-4.18.0-513.9.1.el8_9.aarch64.rpm
RedHat	8	aarch64	kernel-core	< 4.18.0-513.9.1.el8_9	kernel-core-4.18.0-513.9.1.el8_9.aarch64.rpm