Details
-
Improvement
-
Resolution: Fixed
-
Minor
-
Lustre 2.16.0, Lustre 2.15.5
-
None
-
3
-
9223372036854775807
Description
Security Fix(es):
- kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags (CVE-2023-3812)
- kernel: use after free in unix_stream_sendpage (CVE-2023-4622)
- kernel: net/sched: sch_hfsc UAF (CVE-2023-4623)
- kernel: use after free in nvmet_tcp_free_crypto in NVMe (CVE-2023-5178)
- kernel: vmwgfx: reference count issue leads to use-after-free in surface handling (CVE-2023-5633)
- kernel: netfilter: potential slab-out-of-bound access due to integer underflow (CVE-2023-42753)
- kernel: nfp: use-after-free in area_cache_get() (CVE-2022-3545)
- kernel: vmwgfx: integer overflow in vmwgfx_execbuf.c (CVE-2022-36402)
- kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip (CVE-2022-41858)
- kernel: NULL pointer dereference in can_rcv_filter (CVE-2023-2166)
- kernel: Slab-out-of-bound read in compare_netdev_and_ip (CVE-2023-2176)
- kernel: use-after-free in netfilter: nf_tables (CVE-2023-3777)
- kernel: use after free in nft_immediate_deactivate (CVE-2023-4015)
- kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment (CVE-2023-38409)
- kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (CVE-2023-40283)
- kernel: SEV-ES local priv escalation (CVE-2023-46813)
- kernel: NULL pointer dereference in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c (CVE-2023-6679)
https://access.redhat.com/errata/product/479/ver=/rhel---9/x86_64/RHSA-2024:0461