CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score Confidence: High
EPSS Percentile: 57.0%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security fixes:
kernel: use after free in unix_stream_sendpage (CVE-2023-4622)
Kernel: bluetooth: Unauthorized management command execution (CVE-2023-2002)
kernel: irdma: Improper access control (CVE-2023-25775)
kernel: net/sched: sch_hfsc UAF (CVE-2023-4623)
kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference (CVE-2020-36558)
This update also fixes the following bugs:
NFS client closes active connection (RHEL-22193)
kernel panic at __list_del_entry from smb2_reconnect_server (RHEL-26301)
kernel: race condition when call to VT_RESIZEX ioctl and vc_cons[i].d is already NULL, causing a NULL pointer dereference. (RHEL-28639)
kernel: net/sched: sch_hfsc UAF (RHEL-16458)
kernel: irdma: Improper access control (RHEL-6299)
The message in RHEL 7 "stack-protector: Kernel stack is corrupted in:" is triggered because perf_trace_buf_prepare() does not verify that per_cpu array perf_trace_buf has allocated per_cpu buffers in it. (RHEL-18052)
[rhel7] gfs2: Invalid metadata access in punch_hole (RHEL-28785)
UDP packets dropped due to SELinux denial (RHEL-27751)
Boot fails with kernel panic at acpi_device_hid+0x6 (RHEL-8721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.