AlmaLinux 2225 Published by

A kernel security and bug fix update has been released for AlmaLinux 9.



ALSA-2023:3723 Important: kernel security and bug fix update


Type:
security

Severity:
important

Release date:
2023-07-11

Description
Security Fix(es):
* kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events (CVE-2023-2235)
* kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation (CVE-2023-32233)
* Kernel: bluetooth: Unauthorized management command execution (CVE-2023-2002)
* kernel: OOB access in the Linux kernel's XFS subsystem (CVE-2023-2124)
* kernel: i2c: out-of-bounds write in xgene_slimpro_i2c_xfer() (CVE-2023-2194)
* kernel: tls: race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer dereference (CVE-2023-28466)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Intel QAT Update - (kernel changes) (BZ#2176846)
* RPL-P IOTG/RPL-S IOTG: cpu frequency issues (BZ#2178857)
* In FIPS mode, kernel does not transition into error state when RCT or APT health tests fail (BZ#2181727)
* Kernel BUG in iwlmvm wifi driver when used Mesh systems (BZ#2186723)
* Azure AlmaLinux 9 Backport upstream commit 93827a0a36396f2fd6368a54a020f420c8916e9b KVM: VMX: Fix crash due to uninitialized current_vmcs (BZ#2186822)
* AlmaLinux 9 blktests nvme/047 lead kernel NULL pointer (BZ#2187536)
* Single Node Openshift cluster becomes unreachable after running less than 2 hours (BZ#2187709)
* kernel-rt: task deadline_test:1778 blocked for more than 622 seconds (BZ#2188655)
* fix page end in filemap_get_read_batch (BZ#2189349)
* AlmaLinux 9.2 hwpoison: data loss when memory error occurs on hugetlb pagecache (BZ#2192348)
* wdat_wdt watchdog timeout triggered unexpectedly (BZ#2192585)
* ice: high CPU usage with GNSS or ptp4l (BZ#2203154)
* AlmaLinux 9 "smpboot: Scheduler frequency invariance went wobbly, disabling!" on nohz_full CPUs after long run (BZ#2203178)
* Dying percpu kworkers cause issues on isolated CPUs almalinux-9 (BZ#2203229)
* FJ9.2 Bug: REG NFS infinite loop of COMMIT call and NFS4ERR_DELAY reply. (BZ#2203335)
* perf errors - "event syntax error: 'unc_p_delayed_c_state_abort_core5'" b'_ value too big for format, maximum is 255' (BZ#2207471)
* AlmaLinux 9: Invalid character detected by rpminspect in Documentation/translations/zh_CN/process/magic-number.rst (BZ#2208242)
* cifs: backport small patches to bring us close to 9.1 - backport commit aea02fc40a7f cifs: fix wrong unlock before return from cifs_tree_connect (BZ#2209045)
* AlmaLinux 9 x86_64, kdump 2nd kernel will randomly panic on "kvm-08-guest25.hv2" (BZ#2210614)

References:
CVE-2023-2002
CVE-2023-2124
CVE-2023-2194
CVE-2023-2235
CVE-2023-28466
CVE-2023-32233
RHSA-2023:3723
ALSA-2023:3723

Updates packages:
kernel-zfcpdump-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-modules-extra-5.14.0-284.18.1.el9_2.x86_64.rpm
perf-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-tools-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-zfcpdump-modules-extra-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-core-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-tools-libs-devel-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-debug-core-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-tools-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-tools-libs-devel-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-64k-modules-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-debug-modules-5.14.0-284.18.1.el9_2.x86_64.rpm
bpftool-7.0.0-284.18.1.el9_2.ppc64le.rpm
kernel-debug-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-debug-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-64k-core-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-debug-modules-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-zfcpdump-devel-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-debug-devel-matched-5.14.0-284.18.1.el9_2.ppc64le.rpm
perf-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-tools-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-debug-modules-extra-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-debug-modules-extra-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-64k-debug-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-debug-modules-5.14.0-284.18.1.el9_2.s390x.rpm
rtla-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-debug-devel-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-zfcpdump-modules-core-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-zfcpdump-core-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-modules-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-core-5.14.0-284.18.1.el9_2.ppc64le.rpm
python3-perf-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-core-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-64k-modules-extra-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-64k-modules-core-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-debug-modules-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-tools-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-debug-devel-matched-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-modules-core-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-debug-modules-core-5.14.0-284.18.1.el9_2.x86_64.rpm
python3-perf-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-64k-debug-devel-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-debug-devel-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-modules-extra-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-devel-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-debug-devel-matched-5.14.0-284.18.1.el9_2.s390x.rpm
python3-perf-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-debug-uki-virt-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-zfcpdump-devel-matched-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-64k-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-modules-core-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-modules-5.14.0-284.18.1.el9_2.s390x.rpm
python3-perf-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-64k-devel-5.14.0-284.18.1.el9_2.aarch64.rpm
bpftool-7.0.0-284.18.1.el9_2.x86_64.rpm
kernel-modules-core-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-tools-libs-devel-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-debug-devel-matched-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-debug-modules-extra-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-modules-core-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-debug-core-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-abi-stablelists-5.14.0-284.18.1.el9_2.noarch.rpm
kernel-devel-5.14.0-284.18.1.el9_2.aarch64.rpm
rtla-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-debug-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-devel-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-devel-matched-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-64k-debug-modules-core-5.14.0-284.18.1.el9_2.aarch64.rpm
bpftool-7.0.0-284.18.1.el9_2.s390x.rpm
kernel-64k-debug-devel-matched-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-devel-matched-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-debug-modules-extra-5.14.0-284.18.1.el9_2.aarch64.rpm
perf-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-debug-modules-core-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-modules-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-devel-matched-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-64k-debug-modules-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-tools-libs-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-zfcpdump-modules-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-modules-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-64k-debug-modules-extra-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-debug-devel-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-debug-core-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-tools-libs-5.14.0-284.18.1.el9_2.x86_64.rpm
rtla-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-devel-matched-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-debug-modules-core-5.14.0-284.18.1.el9_2.ppc64le.rpm
bpftool-7.0.0-284.18.1.el9_2.aarch64.rpm
kernel-modules-extra-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-uki-virt-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-64k-devel-matched-5.14.0-284.18.1.el9_2.aarch64.rpm
rtla-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-core-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-devel-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-debug-5.14.0-284.18.1.el9_2.s390x.rpm
kernel-modules-extra-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-64k-debug-core-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-debug-devel-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-debug-core-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-debug-modules-core-5.14.0-284.18.1.el9_2.aarch64.rpm
perf-5.14.0-284.18.1.el9_2.ppc64le.rpm
kernel-tools-libs-5.14.0-284.18.1.el9_2.aarch64.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2023:3723 Important: kernel security and bug fix update