CLSA-2023-1701963303

net/tls: do not free tlsrec on async operation in bpfexectxverdict() {CVE-2023-6176}
wifi: mac80211: fix MBSSID parsing use-after-free {CVE-2022-42719}
mac80211: always allocate struct ieee80211elems {CVE-2022-42719}
x86/sev: Check for user-space IOIO pointing to kernel space {CVE-2023-46813}
x86/sev: Check IOBM for IOIO exceptions from user-space {CVE-2023-46813}
x86/sev: Disable MMIO emulation from user mode {CVE-2023-46813}
netfilter: nftables: exthdr: fix 4-byte stack OOB write {CVE-2023-4881}
net: sched: schqfq: Fix UAF in qfqdequeue() {CVE-2023-4921}
netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethash_netportnet.c {CVE-2023-42753}
net/sched: cls_tcindex: downgrade to imperfect hash {CVE-2023-1829}
USB: ene_usb6250: Allocate enough memory for full object {CVE-2023-45862}
igb: set max size RX buffer when store bad packet is enabled {CVE-2023-45871}
net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623}
Fix double fget() in vhostnetset_backend() {CVE-2023-1838}
nvmet-tcp: Fix a possible UAF in queue intialization setup {CVE-2023-5178}
drm/qxl: fix UAF on handle creation {CVE-2023-39198}
net: add kerneldoc comment for skpeerlock {CVE-2021-4203}
afunix: fix races in skpeerpid and skpeer_cred accesses {CVE-2021-4203}
block-map: add __GFPZERO flag for allocpage in function biocopykern {CVE-2022-0494}
media: ov519: add missing endpoint sanity checks {CVE-2020-11608}
act_mirred: use the backlog for nested calls to mirred ingress {CVE-2022-4269}
net/sched: act_mirred: better wording on protection against excessive stack growth {CVE-2022-4269}
inet: use bigger hash table for IP ID generation {CVE-2021-45486}
net: revert "net: get rid of an signed integer overflow in ipidentsreserve()" {CVE-2021-45486}

References

https://errata.cloudlinux.com/centos8.4-els/CLSA-2023-1701963303.html

Affected packages

TuxCare:CentOS:8.4

bpftool

Package

Name: bpftool
Purl: pkg:rpm/tuxcare/bpftool?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel

Package

Name: kernel
Purl: pkg:rpm/tuxcare/kernel?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-core

Package

Name: kernel-core
Purl: pkg:rpm/tuxcare/kernel-core?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-cross-headers

Package

Name: kernel-cross-headers
Purl: pkg:rpm/tuxcare/kernel-cross-headers?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-debug

Package

Name: kernel-debug
Purl: pkg:rpm/tuxcare/kernel-debug?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-debug-core

Package

Name: kernel-debug-core
Purl: pkg:rpm/tuxcare/kernel-debug-core?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-debug-devel

Package

Name: kernel-debug-devel
Purl: pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-debug-modules

Package

Name: kernel-debug-modules
Purl: pkg:rpm/tuxcare/kernel-debug-modules?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-debug-modules-extra

Package

Name: kernel-debug-modules-extra
Purl: pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-debug-modules-internal

Package

Name: kernel-debug-modules-internal
Purl: pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-devel

Package

Name: kernel-devel
Purl: pkg:rpm/tuxcare/kernel-devel?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-headers

Package

Name: kernel-headers
Purl: pkg:rpm/tuxcare/kernel-headers?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-ipaclones-internal

Package

Name: kernel-ipaclones-internal
Purl: pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-modules

Package

Name: kernel-modules
Purl: pkg:rpm/tuxcare/kernel-modules?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-modules-extra

Package

Name: kernel-modules-extra
Purl: pkg:rpm/tuxcare/kernel-modules-extra?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-modules-internal

Package

Name: kernel-modules-internal
Purl: pkg:rpm/tuxcare/kernel-modules-internal?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-selftests-internal

Package

Name: kernel-selftests-internal
Purl: pkg:rpm/tuxcare/kernel-selftests-internal?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-tools

Package

Name: kernel-tools
Purl: pkg:rpm/tuxcare/kernel-tools?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-tools-libs

Package

Name: kernel-tools-libs
Purl: pkg:rpm/tuxcare/kernel-tools-libs?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

kernel-tools-libs-devel

Package

Name: kernel-tools-libs-devel
Purl: pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

perf

Package

Name: perf
Purl: pkg:rpm/tuxcare/perf?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"

python3-perf

Package

Name: python3-perf
Purl: pkg:rpm/tuxcare/python3-perf?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els12

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1701963303.json"