7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
40.2%
An update is available for kernel.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744)
ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266)
kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
Rocky Linux9.0 - zfcp: fix missing auto port scan and thus missing target ports (BZ#2127880)
Cgroups_v2, when creating new cgroup/container, resets the cpu affinity masks for all usr processes on the system. (BZ#2143766)
Rocky Linux9.0 - boot: Add secure boot trailer (BZ#2151528)
kernel-rt-debug: WARNING: possible circular locking dependency detected (&n->list_lock->&p->pi_lock->&lock->wait_lock) (BZ#2160614)
Support cpuset.sched_load_balance by changing default CPUset directory structure (BZ#2161105)
Rocky Linux9.0 - s390/kexec: fix ipl report address for kdump (BZ#2166903)
libgpiod doesn’t seem to work with Interphase gpiochip (BZ#2166956)
Azure Rocky Linux9 scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM (BZ#2170227)
Enhancement(s):
IBM 9.2 FEAT: Upgrade the QETH driver to latest from upstream, e.g. kernel 6.0 (BZ#2166304)
Intel 9.2 FEAT SPR CPU: AMX: Improve the init_fpstate setup code (BZ#2168382)
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
40.2%