Lucene search

K
almalinuxAlmaLinuxALSA-2022:7110
HistoryOct 25, 2022 - 12:00 a.m.

Important: kernel security, bug fix, and enhancement update

2022-10-2500:00:00
errata.almalinux.org
21

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

0.001 Low

EPSS

Percentile

33.1%

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • A use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)
  • Information leak in scsi_ioctl() (CVE-2022-0494)
  • A kernel-info-leak issue in pfkey_register (CVE-2022-1353)
  • RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-23816, CVE-2022-29900)
  • Branch Type Confusion (non-retbleed) (CVE-2022-23825)
  • RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-29901)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Add s390_iommu_aperture kernel parameter (BZ#2081324)
  • Blackscreen and hangup after resume from hibernate or S3 with DFGX WX3200 (BZ#2091065)
  • Update NVME subsystem with bug fixes and minor changes (BZ#2106017)
  • Fix parsing of nw_proto for IPv6 fragments (BZ#2106703)
  • “vmcore failed, _exitcode:139” error observed while capturing vmcore during fadump after memory remove. incomplete vmcore is captured. (BZ#2107488)
  • ‘disable_policy’ is ignored for addresses configured on a down interface (BZ#2109971)
  • Backport request for new cpufreq.default_governor kernel command line parameter (BZ#2109996)
  • Panics in mpt3sas mpt3sas_halt_firmware() if mpt3sas_fwfault_debug=1 enabled when poweroff issued to server (BZ#2111140)
  • IOMMU/DMA update for 8.7 (BZ#2111692)
  • Update Broadcom Emulex lpfc driver for AlmaLinux8.7 with bug fixes (14.0.0.13) (BZ#2112103)
  • Incorrect Socket(s) & “Core(s) per socket” reported by lscpu command. (BZ#2112820)
  • Panic in ch_release() due to NULL ch->device pointer, backport upstream fix (BZ#2115965)
  • pyverbs-tests fail over qede IW HCAs on “test_query_rc_qp” (tests.test_qp.QPTest) (BZ#2119122)
  • qedi shutdown handler hangs upon reboot (BZ#2119847)
  • cache link_info for ethtool (BZ#2120197)
  • Important iavf bug fixes (BZ#2120225)
  • Hibernate crash with Aquantia 2.5/5 Gb LAN card (BZ#2124966)
  • While using PTimekeeper the qede driver produces excessive log messages (BZ#2125477)
  • general protection fault handling rpc_xprt.timer (BZ#2126184)
  • Not enough device MSI-X vectors (BZ#2126482)
  • Atlantic driver panic on wakeup after hybernate (BZ#2127845)
  • Memory leak in vxlan_xmit_one (BZ#2131255)
  • Missing hybernate/resume fixes (BZ#2131936)

Enhancement(s):

  • Update smartpqi driver to latest upstream Second Set of Patches (BZ#2112354)
  • qed/qede/qedr - driver updates to latest upstream (BZ#2120611)
  • Update qedi driver to latest upstream (BZ#2120612)
  • Update qedf driver to latest upstream (BZ#2120613)
  • Include the support for new NVIDIA Mobile GFX GA103 on ADL Gen Laptops (BZ#2127122)
  • Need to enable hpilo to support new HPE RL300 Gen11 for ARM (aarch64) (BZ#2129923)

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

0.001 Low

EPSS

Percentile

33.1%