(RHSA-2024:0113) Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: use after free in unix_stream_sendpage (CVE-2023-4622)

• kernel: vmwgfx: reference count issue leads to use-after-free in surface handling (CVE-2023-5633)

• kernel: netfilter: potential slab-out-of-bound access due to integer underflow (CVE-2023-42753)

• Kernel: UAF during login when accessing the shost ipaddress (CVE-2023-2162)

• hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• Backport OVS l4 Symmetric Hashing to rhel-8 (JIRA:RHEL-12746)

• Unbounded memory usage by TCP for receive buffers (JIRA:RHEL-15096)

• various kind of guests freeze on rhel 8.8 (JIRA:RHEL-15121)

• RHEL 8: netfilter: conntrack: Fix gre tunneling over ipv6 (JIRA:RHEL-15259)

• NFSv4.1 needs to handle ENOENT error from GETDEVICEINFO (JIRA:RHEL-16407)

• DM multipath showing failed path for an nvme-o-FC LUN when performing I/O operations (JIRA:RHEL-14718)