Lucene search

K
redhatRedHatRHSA-2023:0496
HistoryJan 30, 2023 - 1:38 p.m.

(RHSA-2023:0496) Important: kernel security and bug fix update

2023-01-3013:38:06
access.redhat.com
88
kernel security update
memory corruption
tlb flush
bug fix update
usb ethernet device
gpu
cow after fork
vmsplice child
gup after fork
dpdk application
i40e sriov virtual functions
net/ice
hpe
premature swapping
azure
memory cgroup
oom problem

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

12.6%

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)

  • kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • fix for “CoW after fork() issue” aka “vmsplice child -> parent attack” aka “GUP after fork bug” (BZ#2137547)

  • After upgrading to ocp4.11.1, our dpdk application using vlan strip offload is not working (BZ#2138207)

  • i40e sriov virtual functions not created (BZ#2140103)

  • net/ice: VIRTCHNL_OP_CONFIG_VSI_QUEUES command handling failure with in-tree driver (BZ#2142019)

  • HPE: Premature swapping with swappiness=0 while there’s still plenty of pagecache to be reclaimed. (BZ#2151634)

  • The “kernel BUG at mm/usercopy.c:103!” from BZ 2041529 is back on rhel-8.5 (BZ#2153232)

  • Azure: Sometimes newly deployed VMs are not getting accelerated network during provisioning (BZ#2155274)

  • Azure: VM Deployment Failures Patch Request (BZ#2155282)

  • RHEL 8.8: Backport upstream patches to reduce memory cgroup memory consumption and OOM problem (BZ#2157924)

  • RHEL 8.5: Backport upstream memory cgroup commits up to v5.12 (BZ#2158049)

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

12.6%