(RHSA-2024:1304) Moderate: kernel security, bug fix, and enhancement update

2024-03-1300:06:04

access.redhat.com

rhsa-2024

linux kernel

memcg

cve-2022-0480

rhel9

jira

google cloud

raid5

md/raid5

ext4

bpf

crypto

hpemc

ipoib

dm-crypt

dm-verity

ffdhe

s390/qeth

7.5 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

14.3%

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion (CVE-2022-0480)

Bug Fix(es):

[RHEL9] Add various *.peak control files to cgroup v2 (JIRA:RHEL-22850)
RHEL9 Guest on Google Cloud panics on reading pvpanic device capabilities (JIRA:RHEL-23858)
raid5: read data is wrong when recovery happens (JIRA:RHEL-23882)
md/raid5: release batch_last before waiting for another stripe_head (JIRA:RHEL-24512)
[regression][ext4][xfstests generic/094] Error reading from file with invalid argument (JIRA:RHEL-25436)
bpf: Fix elem_size not being set for inner maps (JIRA:RHEL-25764)
Backport “crypto: rsa - allow only odd e and restrict value in FIPS mode” (JIRA:RHEL-26078)
kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion (JIRA:RHEL-8911)
[HPEMC RHEL 9.3 BUG] tools/power/x86 intel-speed-select crashes on systems with more than 8 sockets (JIRA:RHEL-17907)
IPoIB: fix PKEY creation (JIRA:RHEL-22221)
Memory corruption when using dm-crypt or dm-verity on RHEL-9 (JIRA:RHEL-26095)
backport smartpqi: fix disable_managed_interrupts (JIRA:RHEL-26143)
ffdhe* algortihms introduced in 0a2e5b909023 as .fips_allowed=1 lack pairwise consistency tests (JIRA:RHEL-27007)

Enhancement(s):

s390/qeth: Fix vipa deletion (JIRA:RHEL-25813)

OSVersionArchitecturePackageVersionFilename
RedHat9aarch64kernel-64k-devel-matched< 5.14.0-284.57.1.el9_2kernel-64k-devel-matched-5.14.0-284.57.1.el9_2.aarch64.rpm
RedHat9aarch64kernel-64k-debug-devel< 5.14.0-284.57.1.el9_2kernel-64k-debug-devel-5.14.0-284.57.1.el9_2.aarch64.rpm
RedHat9s390xkernel< 5.14.0-284.57.1.el9_2kernel-5.14.0-284.57.1.el9_2.s390x.rpm
RedHat9aarch64kernel-modules< 5.14.0-284.57.1.el9_2kernel-modules-5.14.0-284.57.1.el9_2.aarch64.rpm
RedHat9x86_64kernel-tools-debuginfo< 5.14.0-284.57.1.el9_2kernel-tools-debuginfo-5.14.0-284.57.1.el9_2.x86_64.rpm
RedHat9s390xkernel-zfcpdump-core< 5.14.0-284.57.1.el9_2kernel-zfcpdump-core-5.14.0-284.57.1.el9_2.s390x.rpm
RedHat9ppc64lekernel-debug-core< 5.14.0-284.57.1.el9_2kernel-debug-core-5.14.0-284.57.1.el9_2.ppc64le.rpm
RedHat9aarch64kernel-debug-devel-matched< 5.14.0-284.57.1.el9_2kernel-debug-devel-matched-5.14.0-284.57.1.el9_2.aarch64.rpm
RedHat9ppc64lekernel-core< 5.14.0-284.57.1.el9_2kernel-core-5.14.0-284.57.1.el9_2.ppc64le.rpm
RedHat9aarch64kernel-64k-debug-modules< 5.14.0-284.57.1.el9_2kernel-64k-debug-modules-5.14.0-284.57.1.el9_2.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	9	aarch64	kernel-64k-devel-matched	< 5.14.0-284.57.1.el9_2	kernel-64k-devel-matched-5.14.0-284.57.1.el9_2.aarch64.rpm
RedHat	9	aarch64	kernel-64k-debug-devel	< 5.14.0-284.57.1.el9_2	kernel-64k-debug-devel-5.14.0-284.57.1.el9_2.aarch64.rpm
RedHat	9	s390x	kernel	< 5.14.0-284.57.1.el9_2	kernel-5.14.0-284.57.1.el9_2.s390x.rpm
RedHat	9	aarch64	kernel-modules	< 5.14.0-284.57.1.el9_2	kernel-modules-5.14.0-284.57.1.el9_2.aarch64.rpm
RedHat	9	x86_64	kernel-tools-debuginfo	< 5.14.0-284.57.1.el9_2	kernel-tools-debuginfo-5.14.0-284.57.1.el9_2.x86_64.rpm
RedHat	9	s390x	kernel-zfcpdump-core	< 5.14.0-284.57.1.el9_2	kernel-zfcpdump-core-5.14.0-284.57.1.el9_2.s390x.rpm
RedHat	9	ppc64le	kernel-debug-core	< 5.14.0-284.57.1.el9_2	kernel-debug-core-5.14.0-284.57.1.el9_2.ppc64le.rpm
RedHat	9	aarch64	kernel-debug-devel-matched	< 5.14.0-284.57.1.el9_2	kernel-debug-devel-matched-5.14.0-284.57.1.el9_2.aarch64.rpm
RedHat	9	ppc64le	kernel-core	< 5.14.0-284.57.1.el9_2	kernel-core-5.14.0-284.57.1.el9_2.ppc64le.rpm
RedHat	9	aarch64	kernel-64k-debug-modules	< 5.14.0-284.57.1.el9_2	kernel-64k-debug-modules-5.14.0-284.57.1.el9_2.aarch64.rpm