Lucene search

K
redhatRedHatRHSA-2023:3349
HistoryMay 30, 2023 - 2:45 p.m.

(RHSA-2023:3349) Important: kernel security and bug fix update

2023-05-3014:45:55
access.redhat.com
33
netfilter nf_tables privilege escalation cve-2023-32233 qede driver intel qat update fips mode rct apt health tests smpboot scheduler frequency invariance.

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation (CVE-2023-32233)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • The qede driver changes rx-usecs: to 256 causing performance impact (BZ#2176104)

  • Intel QAT Update - (kernel changes) (BZ#2176850)

  • In FIPS mode, kernel does not transition into error state when RCT or APT health tests fail (BZ#2181730)

  • “smpboot: Scheduler frequency invariance went wobbly, disabling!” on nohz_full CPUs after long run (BZ#2188067)

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%