7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
13.2%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090)
kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() (CVE-2023-35788)
kernel: KVM: x86/mmu: race condition in direct_page_fault() (CVE-2022-45869)
kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c (CVE-2023-0458)
kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
HPEMC RHEL 9 BUG: acpi-cpufreq: Skip initializtion if a cpufreq driver exists (BZ#2186562)
RHEL 9.3: Update locking code to upstream 6.1 and further fixes (BZ#2187507)
Getting “kernel: RIP: 0010:nvme_setup_discard+0x172/0x1e0 [nvme_core]” when I/O and DISCARD commands are sent to the file system on NVMe/TCP multipath device (BZ#2192632)
RHEL 9.2 OS cannot boot successfully when enabling VMD in UEFI setup (BZ#2196230)
Intel E810 card unable to create a MACVLAN on interface already configured as SRIOV (BZ#2209284)
Trouble getting callstacks when signal has interrupted clock_gettime (BZ#2210074)
DELL 9.3 BUG: HDMI/DP audio output device lost on some new wn21 series graphic card(Discrete mode). (BZ#2211656)
DELL RHEL 9.2 BUG: Observed device_dax related probe errors in dmesg when HBM CPU is set to flat mode and creating duplicate device_dax ids and hence probe is failing (BZ#2212386)
ice: The response of the “ubxtool -p <PRESET>” command may not correspond to the command: (BZ#2213186)
Update lpfc 14.2.0.12 for RHEL 9.3 Inbox with three bug fixes from 14.2.0.13 (BZ#2213616)
avoid unnecessary page fault retires on shared memory types (BZ#2213894)
jitter: Fix RCT/APT health test during initialization (BZ#2215080)
coretemp driver causes RDMSR interruption on isolated CPU (BZ#2215552)
rbd: avoid fast-diff corruption in snapshot-based mirroring (BZ#2216569)
Hyper-V RHEL-9: Fix VM crash/hang Issues due to fast VF add/remove events (BZ#2217066)
OVS ERSPAN2: ip6erspan incorrect erspan version in GRE header (BZ#2217493)
kernel-rt: system hung during stress-ng (BZ#2217939)
kvm/sriov: high latency after soft reboot (BZ#2218871)
CPU slushiness observed with lots of kworkers being created on host when more than 2 vm spawned in single shot (BZ#2218935)
Wrong hwlat CPU affinity when started from a container. (BZ#2221157)
cifs: check the lease context if we actually got a lease (BZ#2221159)
Enhancement(s):
Intel 9.3 FEAT SPR power: Intel SST SNC4 support (BZ#2185605)
Dell 9.3 Feat dell-wmi-privacy: The microphone still have function when press F4 Microphone Mute hotkey on Orchid Bay MLK (BZ#2209808)
RFE: Support for a ‘source-load-balancing’ bonding mode (BZ#2221169)
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
13.2%