Lucene search
OracleLinuxELSA-2023-1470HistoryMar 28, 2023 - 12:00 a.m.
kernel security, bug fix, and enhancement update
2023-03-2800:00:00
linux.oracle.com
15
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
34.1%
- [5.14.0-162.22.2_1.OL9]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5
- Remove nmap references from kernel (Mridula Shastry) [Orabug: 34313944]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
[5.14.0-162.22.2_1] - tun: avoid double free in tun_free_netdev (Jon Maloy) [2156373] {CVE-2022-4744}
[5.14.0-162.22.1_1] - ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (Jaroslav Kysela) [2163390 2125540] {CVE-2023-0266}
[5.14.0-162.21.1_1] - s390/boot: add secure boot trailer (Tobias Huschle) [2151528 2141966]
- s390/kexec: fix ipl report address for kdump (Tobias Huschle) [2166903 2161327]
- s390/qeth: cache link_info for ethtool (Tobias Huschle) [2166304 2110436]
- scsi: zfcp: Fix missing auto port scan and thus missing target ports (Tobias Huschle) [2127880 2121088]
[5.14.0-162.20.1_1] - cgroup/cpuset: remove unreachable code (Waiman Long) [2161105 1946801]
- kselftest/cgroup: Add cpuset v2 partition root state test (Waiman Long) [2161105 1946801]
- cgroup/cpuset: Update description of cpuset.cpus.partition in cgroup-v2.rst (Waiman Long) [2161105 1946801]
- cgroup/cpuset: Make partition invalid if cpumask change violates exclusivity rule (Waiman Long) [2161105 1946801]
- cgroup/cpuset: Relocate a code block in validate_change() (Waiman Long) [2161105 1946801]
- cgroup/cpuset: Show invalid partition reason string (Waiman Long) [2161105 1946801]
- cgroup/cpuset: Add a new isolated cpus.partition type (Waiman Long) [2161105 1946801]
- cgroup/cpuset: Relax constraints to partition & cpus changes (Waiman Long) [2161105 1946801]
- cgroup/cpuset: Allow no-task partition to have empty cpuset.cpus.effective (Waiman Long) [2161105 1946801]
- cgroup/cpuset: Miscellaneous cleanups & add helper functions (Waiman Long) [2161105 1946801]
- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset (Waiman Long) [2161105 1946801]
- cpuset: convert ‘allowed’ in __cpuset_node_allowed() to be boolean (Waiman Long) [2161105 1946801]
- cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp() (Waiman Long) [2161105 1946801]
- cgroup: cleanup comments (Waiman Long) [2161105 1946801]
- act_mirred: use the backlog for nested calls to mirred ingress (Davide Caratti) [2164655 2150278] {CVE-2022-4269}
- net/sched: act_mirred: better wording on protection against excessive stack growth (Davide Caratti) [2164655 2150278] {CVE-2022-4269}
- scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM (Emanuele Giuseppe Esposito) [2170227 2150660]
[5.14.0-162.19.1_1] - sched/core: Use kfree_rcu() in do_set_cpus_allowed() (Waiman Long) [2160614 2143847]
- sched/core: Fix use-after-free bug in dup_user_cpus_ptr() (Waiman Long) [2160614 2143847]
- sched: Always clear user_cpus_ptr in do_set_cpus_allowed() (Waiman Long) [2143766 2107354]
- sched: Enforce user requested affinity (Waiman Long) [2143766 2107354]
- sched: Always preserve the user requested cpumask (Waiman Long) [2143766 2107354]
- sched: Introduce affinity_context (Waiman Long) [2143766 2107354]
- sched: Add __releases annotations to affine_move_task() (Waiman Long) [2143766 2107354]
- x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly (Dean Nelson) [2168382 2122851]
- x86/fpu: Exclude dynamic states from init_fpstate (Dean Nelson) [2168382 2122851]
- x86/fpu: Fix the init_fpstate size check with the actual size (Dean Nelson) [2168382 2122851]
- x86/fpu: Configure init_fpstate attributes orderly (Dean Nelson) [2168382 2122851]
- x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (Dean Nelson) [2168382 2122851]
Related
nessus
nessus
Rocky Linux 9 : kernel (RLSA-2023:1470)
2023-04-06 00:00:00
RHEL 9 : kernel-rt (RHSA-2023:1469)
2023-03-27 00:00:00
AlmaLinux 9 : kernel (ALSA-2023:1470)
2023-03-27 00:00:00
osv
osv
Important: kernel-rt security and bug fix update
2023-04-06 15:23:50
Important: kernel security, bug fix, and enhancement update
2023-04-06 15:23:59
Important: kernel security, bug fix, and enhancement update
2023-03-27 00:00:00
almalinux
almalinux
Important: kernel-rt security and bug fix update
2023-03-27 00:00:00
Important: kernel security, bug fix, and enhancement update
2023-03-27 00:00:00
Important: kernel security, bug fix, and enhancement update
2023-04-04 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2023-04-06 15:23:50
kernel security, bug fix, and enhancement update
2023-04-06 15:23:59
kernel-rt security and bug fix update
2023-04-26 15:28:18
redhat
redhat
(RHSA-2023:1469) Important: kernel-rt security and bug fix update
2023-03-27 07:47:53
(RHSA-2023:1470) Important: kernel security, bug fix, and enhancement update
2023-03-27 07:48:31
(RHSA-2023:1471) Important: kpatch-patch security update
2023-03-27 07:48:34
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2023-04-05 00:00:00
Unbreakable Enterprise kernel security update
2023-03-16 00:00:00
redhatcve
redhatcve
prion
prion
debiancve
debiancve
ubuntucve
ubuntucve
cve
cve
cbl_mariner
cbl_mariner
CVE-2023-0266 affecting package kernel 5.15.87.1-1
2023-02-14 20:21:22
CVE-2023-0266 affecting package hyperv-daemons 5.15.87.1-1
2023-02-14 20:21:22
CVE-2023-0266 affecting package hyperv-daemons 5.10.167.1-1
2023-03-02 04:18:44
attackerkb
attackerkb
CVE-2023-0266
2023-01-30 00:00:00
f5
f5
K000137058 : Linux kernel vulnerability CVE-2022-4269
2023-09-29 00:00:00
K000133644 : Linux kernel vulnerability CVE-2023-0266
2023-04-24 00:00:00
veracode
veracode
Privilege Escalation
2023-03-06 20:47:17
cisa_kev
cisa_kev
Linux Kernel Use-After-Free Vulnerability
2023-03-30 00:00:00
ibm
ibm
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:0394-1)
2023-02-14 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:0394-1)
2024-03-04 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1806)
2023-05-09 00:00:00
googleprojectzero
googleprojectzero
Analyzing a Modern In-the-wild Android Exploit
2023-09-19 00:00:00
redos
redos
ROS-20230915-10
2023-09-15 00:00:00
thn
thn
ubuntu
ubuntu
Linux kernel vulnerabilities
2023-06-16 00:00:00
Linux kernel (IBM) vulnerabilities
2023-06-22 00:00:00
Linux kernel vulnerabilities
2023-03-23 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
34.1%
Related for ELSA-2023-1470