8.8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
42.8%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c (CVE-2022-42896)
kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events (CVE-2023-2235)
kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM (CVE-2022-1016)
kernel: use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)
Kernel: bluetooth: Unauthorized management command execution (CVE-2023-2002)
kernel: OOB access in the Linux kernel’s XFS subsystem (CVE-2023-2124)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
Backport kernel audit enhancements and fixes from v5.13-rc1 to v5.16-rc6 (BZ#2098210)
INTEL 9.0 BUG VROC: RAID rebuild doesn’t start after removing drive during FIO (BZ#2174890)
HPEMC RHEL 9 BUG: acpi-cpufreq: Skip initializtion if a cpufreq driver exists (BZ#2186564)
RHEL9.3: Update locking code to upstream 6.1 and further fixes (BZ#2187517)
block layer: update with upstream v6.0 (BZ#2196175)
rhel-9: Invalid character detected by rpminspect in Documentation/translations/zh_CN/process/magic-number.rst (BZ#2208244)
Trouble getting callstacks when signal has interrupted clock_gettime (BZ#2210076)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 9 | x86_64 | kernel-tools-libs-devel | < 5.14.0-70.64.1.el9_0 | kernel-tools-libs-devel-5.14.0-70.64.1.el9_0.x86_64.rpm |
RedHat | 9 | x86_64 | kernel-debug | < 5.14.0-70.64.1.el9_0 | kernel-debug-5.14.0-70.64.1.el9_0.x86_64.rpm |
RedHat | 9 | s390x | perf | < 5.14.0-70.64.1.el9_0 | perf-5.14.0-70.64.1.el9_0.s390x.rpm |
RedHat | 9 | ppc64le | python3-perf | < 5.14.0-70.64.1.el9_0 | python3-perf-5.14.0-70.64.1.el9_0.ppc64le.rpm |
RedHat | 9 | ppc64le | perf-debuginfo | < 5.14.0-70.64.1.el9_0 | perf-debuginfo-5.14.0-70.64.1.el9_0.ppc64le.rpm |
RedHat | 9 | s390x | bpftool | < 5.14.0-70.64.1.el9_0 | bpftool-5.14.0-70.64.1.el9_0.s390x.rpm |
RedHat | 9 | aarch64 | kernel-core | < 5.14.0-70.64.1.el9_0 | kernel-core-5.14.0-70.64.1.el9_0.aarch64.rpm |
RedHat | 9 | ppc64le | bpftool | < 5.14.0-70.64.1.el9_0 | bpftool-5.14.0-70.64.1.el9_0.ppc64le.rpm |
RedHat | 9 | aarch64 | kernel-tools-libs-devel | < 5.14.0-70.64.1.el9_0 | kernel-tools-libs-devel-5.14.0-70.64.1.el9_0.aarch64.rpm |
RedHat | 9 | ppc64le | kernel-modules | < 5.14.0-70.64.1.el9_0 | kernel-modules-5.14.0-70.64.1.el9_0.ppc64le.rpm |
8.8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
42.8%