rpm package

almalinux/kernel-doc

pkg:rpm/almalinux/kernel-doc

Vulnerabilities (1,156)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2023-3141	—	< 4.18.0-513.5.1.el8_9	4.18.0-513.5.1.el8_9	Jun 9, 2023	A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.
CVE-2023-2002	—	< 4.18.0-477.27.2.el8_8	4.18.0-477.27.2.el8_8	May 26, 2023	A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availabil
CVE-2023-33203	—	< 4.18.0-513.5.1.el8_9	4.18.0-513.5.1.el8_9	May 18, 2023	The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device.
CVE-2023-1195	—	< 5.14.0-284.11.1.el9_2	5.14.0-284.11.1.el9_2	May 18, 2023	A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.
CVE-2023-2124	—	< 4.18.0-477.21.1.el8_8	4.18.0-477.21.1.el8_8	May 15, 2023	An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2023-32233	—	< 4.18.0-477.13.1.el8_8	4.18.0-477.13.1.el8_8	May 8, 2023	In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mis
CVE-2023-2513	—	< 4.18.0-513.5.1.el8_9	4.18.0-513.5.1.el8_9	May 8, 2023	A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.
CVE-2023-2235	—	< 4.18.0-477.21.1.el8_8	4.18.0-477.21.1.el8_8	May 1, 2023	A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it p
CVE-2023-31436	—	< 4.18.0-513.5.1.el8_9	4.18.0-513.5.1.el8_9	Apr 28, 2023	qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
CVE-2023-0458	—	< 5.14.0-284.25.1.el9_2	5.14.0-284.25.1.el9_2	Apr 26, 2023	A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 o
CVE-2023-31084	—	< 4.18.0-513.5.1.el8_9	4.18.0-513.5.1.el8_9	Apr 24, 2023	An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_
CVE-2023-31083	—	< 5.14.0-427.13.1.el9_4	5.14.0-427.13.1.el9_4	Apr 24, 2023	An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur.
CVE-2023-1998	—	< 5.14.0-284.25.1.el9_2	5.14.0-284.25.1.el9_2	Apr 21, 2023	The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim pr
CVE-2023-2194	—	< 4.18.0-477.21.1.el8_8	4.18.0-477.21.1.el8_8	Apr 20, 2023	An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could al
CVE-2023-2176	—	< 4.18.0-513.18.1.el8_9	4.18.0-513.18.1.el8_9	Apr 20, 2023	A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.
CVE-2023-28328	—	< 4.18.0-513.5.1.el8_9	4.18.0-513.5.1.el8_9	Apr 19, 2023	A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially caus
CVE-2023-2166	—	< 4.18.0-513.18.1.el8_9	4.18.0-513.18.1.el8_9	Apr 19, 2023	A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux. ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service.
CVE-2023-2162	—	< 4.18.0-513.11.1.el8_9	4.18.0-513.11.1.el8_9	Apr 19, 2023	A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.
CVE-2023-1382	—	< 5.14.0-284.11.1.el9_2	5.14.0-284.11.1.el9_2	Apr 19, 2023	A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel.
CVE-2023-1829	—	< 4.18.0-477.21.1.el8_8	4.18.0-477.21.1.el8_8	Apr 12, 2023	A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying struc

CVE-2023-3141Jun 9, 2023
affected < 4.18.0-513.5.1.el8_9fixed 4.18.0-513.5.1.el8_9
A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.
CVE-2023-2002May 26, 2023
affected < 4.18.0-477.27.2.el8_8fixed 4.18.0-477.27.2.el8_8
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availabil
CVE-2023-33203May 18, 2023
affected < 4.18.0-513.5.1.el8_9fixed 4.18.0-513.5.1.el8_9
The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device.
CVE-2023-1195May 18, 2023
affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.
CVE-2023-2124May 15, 2023
affected < 4.18.0-477.21.1.el8_8fixed 4.18.0-477.21.1.el8_8
An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2023-32233May 8, 2023
affected < 4.18.0-477.13.1.el8_8fixed 4.18.0-477.13.1.el8_8
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mis
CVE-2023-2513May 8, 2023
affected < 4.18.0-513.5.1.el8_9fixed 4.18.0-513.5.1.el8_9
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.
CVE-2023-2235May 1, 2023
affected < 4.18.0-477.21.1.el8_8fixed 4.18.0-477.21.1.el8_8
A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it p
CVE-2023-31436Apr 28, 2023
affected < 4.18.0-513.5.1.el8_9fixed 4.18.0-513.5.1.el8_9
qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.
CVE-2023-0458Apr 26, 2023
affected < 5.14.0-284.25.1.el9_2fixed 5.14.0-284.25.1.el9_2
A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 o
CVE-2023-31084Apr 24, 2023
affected < 4.18.0-513.5.1.el8_9fixed 4.18.0-513.5.1.el8_9
An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_
CVE-2023-31083Apr 24, 2023
affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur.
CVE-2023-1998Apr 21, 2023
affected < 5.14.0-284.25.1.el9_2fixed 5.14.0-284.25.1.el9_2
The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim pr
CVE-2023-2194Apr 20, 2023
affected < 4.18.0-477.21.1.el8_8fixed 4.18.0-477.21.1.el8_8
An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could al
CVE-2023-2176Apr 20, 2023
affected < 4.18.0-513.18.1.el8_9fixed 4.18.0-513.18.1.el8_9
A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.
CVE-2023-28328Apr 19, 2023
affected < 4.18.0-513.5.1.el8_9fixed 4.18.0-513.5.1.el8_9
A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially caus
CVE-2023-2166Apr 19, 2023
affected < 4.18.0-513.18.1.el8_9fixed 4.18.0-513.18.1.el8_9
A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux. ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service.
CVE-2023-2162Apr 19, 2023
affected < 4.18.0-513.11.1.el8_9fixed 4.18.0-513.11.1.el8_9
A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.
CVE-2023-1382Apr 19, 2023
affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2
A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel.
CVE-2023-1829Apr 12, 2023
affected < 4.18.0-477.21.1.el8_8fixed 4.18.0-477.21.1.el8_8
A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying struc

Page 49 of 58