(RHSA-2024:0930) Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546)

• kernel: malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655)

• kernel: KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks (CVE-2022-2196)

• kernel: media: em28xx: initialize refcount before kref_get (CVE-2022-3239)

• kernel: use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625)

• kernel: net/packet: slab-out-of-bounds access in packet_recvmsg() (CVE-2022-20368)

• hw: cpu: arm64: Spectre-BHB (CVE-2022-23960)

• kernel: use-after-free due to improper update of reference count in net/sched/cls_u32.c (CVE-2022-29581)

• kernel: vmwgfx: integer overflow in vmwgfx_execbuf.c (CVE-2022-36402)

• kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096)

• kernel: vmwgfx: use-after-free in vmw_cmd_res_check (CVE-2022-38457)

• kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context (CVE-2022-40133)

• kernel: sctp: fail if no bound addresses can be used for a given scope (CVE-2023-1074)

• kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event’s read_size (CVE-2023-6931)

• kernel: KVM: nVMX: missing consistency checks for CR0 and CR4 (CVE-2023-30456)

• kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible (CVE-2023-31084)

• kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (CVE-2023-51042)

• kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function (CVE-2024-1086)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.