kernel update [RHEL 8.9 4.18.0-513.18.1.el8_9]

Security Fix(es):

• kernel: net/sched: sch_hfsc UAF (CVE-2023-4623)
• kernel: use-after-free in sch_qfq network scheduler (CVE-2023-4921)
• kernel: inactive elements in nft_pipapo_walk (CVE-2023-6817)
• kernel: IGB driver inadequate buffer size for frames larger than MTU (CVE-2023-45871)
• kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (CVE-2024-0646)
• kernel: nfp: use-after-free in area_cache_get() (CVE-2022-3545)
• kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip (CVE-2022-41858)
• kernel: HID: check empty report_list in hid_validate_values() (CVE-2023-1073)
• kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend() (CVE-2023-1838)
• kernel: NULL pointer dereference in can_rcv_filter (CVE-2023-2166)
• kernel: Slab-out-of-bound read in compare_netdev_and_ip (CVE-2023-2176)
• kernel: A heap out-of-bounds write when function perf_read_group is called and sibling_list is smaller than its child's sibling_list (CVE-2023-5717)
• kernel: NULL pointer dereference in nvmet_tcp_build_iovec (CVE-2023-6356)
• kernel: NULL pointer dereference in nvmet_tcp_execute_request (CVE-2023-6535)
• kernel: NULL pointer dereference in __nvmet_req_complete (CVE-2023-6536)
• kernel: Out-Of-Bounds Read vulnerability in smbCalcSize (CVE-2023-6606)
• kernel: OOB Access in smb2_dump_detail (CVE-2023-6610)
• kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (CVE-2023-40283)
• kernel: SEV-ES local priv escalation (CVE-2023-46813)

https://access.redhat.com/errata/RHSA-2024:0897?sc_cid=701600000006NHXAA2