rpm package

almalinux/kernel-rt-core

pkg:rpm/almalinux/kernel-rt-core

Vulnerabilities (1,061)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2023-39193	—	< 5.14.0-427.13.1.el9_4	5.14.0-427.13.1.el9_4	Oct 9, 2023	A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.
CVE-2023-39189	—	< 5.14.0-427.13.1.el9_4	5.14.0-427.13.1.el9_4	Oct 9, 2023	A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or inform
CVE-2023-42754	—	< 5.14.0-427.13.1.el9_4	5.14.0-427.13.1.el9_4	Oct 5, 2023	A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with C
CVE-2023-42756	—	< 5.14.0-427.13.1.el9_4	5.14.0-427.13.1.el9_4	Sep 28, 2023	A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system.
CVE-2023-25775	—	< 5.14.0-427.13.1.el9_4	5.14.0-427.13.1.el9_4	Aug 11, 2023	Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
CVE-2023-4147	—	< 5.14.0-284.30.1.rt14.315.el9_2	5.14.0-284.30.1.rt14.315.el9_2	Aug 7, 2023	A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.
CVE-2023-4133	—	< 5.14.0-427.13.1.el9_4	5.14.0-427.13.1.el9_4	Aug 3, 2023	A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of ser
CVE-2023-4004	—	< 5.14.0-284.30.1.rt14.315.el9_2	5.14.0-284.30.1.rt14.315.el9_2	Jul 31, 2023	A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the syste
CVE-2023-20593	—	< 5.14.0-284.30.1.rt14.315.el9_2	5.14.0-284.30.1.rt14.315.el9_2	Jul 24, 2023	An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
CVE-2023-3567	—	< 5.14.0-427.13.1.el9_4	5.14.0-427.13.1.el9_4	Jul 24, 2023	A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.
CVE-2023-3776	—	< 5.14.0-284.30.1.rt14.315.el9_2	5.14.0-284.30.1.rt14.315.el9_2	Jul 21, 2023	A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_b
CVE-2023-3610	—	< 5.14.0-284.30.1.rt14.315.el9_2	5.14.0-284.30.1.rt14.315.el9_2	Jul 21, 2023	A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET
CVE-2023-37453	—	< 5.14.0-427.13.1.el9_4	5.14.0-427.13.1.el9_4	Jul 6, 2023	An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.
CVE-2023-35001	—	< 5.14.0-284.30.1.rt14.315.el9_2	5.14.0-284.30.1.rt14.315.el9_2	Jul 5, 2023	Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
CVE-2023-31248	—	< 5.14.0-284.30.1.rt14.315.el9_2	5.14.0-284.30.1.rt14.315.el9_2	Jul 5, 2023	Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace
CVE-2023-3390	—	< 5.14.0-284.30.1.rt14.315.el9_2	5.14.0-284.30.1.rt14.315.el9_2	Jun 28, 2023	A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This fl
CVE-2023-3090	—	< 5.14.0-284.25.1.rt14.310.el9_2	5.14.0-284.25.1.rt14.310.el9_2	Jun 28, 2023	A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_
CVE-2023-35788	—	< 5.14.0-284.25.1.rt14.310.el9_2	5.14.0-284.25.1.rt14.310.el9_2	Jun 16, 2023	An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.
CVE-2023-2002	—	< 5.14.0-284.18.1.rt14.303.el9_2	5.14.0-284.18.1.rt14.303.el9_2	May 26, 2023	A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availabil
CVE-2023-1195	—	< 5.14.0-284.11.1.rt14.296.el9_2	5.14.0-284.11.1.rt14.296.el9_2	May 18, 2023	A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.

CVE-2023-39193Oct 9, 2023
affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.
CVE-2023-39189Oct 9, 2023
affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or inform
CVE-2023-42754Oct 5, 2023
affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with C
CVE-2023-42756Sep 28, 2023
affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system.
CVE-2023-25775Aug 11, 2023
affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
CVE-2023-4147Aug 7, 2023
affected < 5.14.0-284.30.1.rt14.315.el9_2fixed 5.14.0-284.30.1.rt14.315.el9_2
A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.
CVE-2023-4133Aug 3, 2023
affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of ser
CVE-2023-4004Jul 31, 2023
affected < 5.14.0-284.30.1.rt14.315.el9_2fixed 5.14.0-284.30.1.rt14.315.el9_2
A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the syste
CVE-2023-20593Jul 24, 2023
affected < 5.14.0-284.30.1.rt14.315.el9_2fixed 5.14.0-284.30.1.rt14.315.el9_2
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
CVE-2023-3567Jul 24, 2023
affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.
CVE-2023-3776Jul 21, 2023
affected < 5.14.0-284.30.1.rt14.315.el9_2fixed 5.14.0-284.30.1.rt14.315.el9_2
A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_b
CVE-2023-3610Jul 21, 2023
affected < 5.14.0-284.30.1.rt14.315.el9_2fixed 5.14.0-284.30.1.rt14.315.el9_2
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET
CVE-2023-37453Jul 6, 2023
affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4
An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.
CVE-2023-35001Jul 5, 2023
affected < 5.14.0-284.30.1.rt14.315.el9_2fixed 5.14.0-284.30.1.rt14.315.el9_2
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
CVE-2023-31248Jul 5, 2023
affected < 5.14.0-284.30.1.rt14.315.el9_2fixed 5.14.0-284.30.1.rt14.315.el9_2
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace
CVE-2023-3390Jun 28, 2023
affected < 5.14.0-284.30.1.rt14.315.el9_2fixed 5.14.0-284.30.1.rt14.315.el9_2
A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This fl
CVE-2023-3090Jun 28, 2023
affected < 5.14.0-284.25.1.rt14.310.el9_2fixed 5.14.0-284.25.1.rt14.310.el9_2
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_
CVE-2023-35788Jun 16, 2023
affected < 5.14.0-284.25.1.rt14.310.el9_2fixed 5.14.0-284.25.1.rt14.310.el9_2
An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.
CVE-2023-2002May 26, 2023
affected < 5.14.0-284.18.1.rt14.303.el9_2fixed 5.14.0-284.18.1.rt14.303.el9_2
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availabil
CVE-2023-1195May 18, 2023
affected < 5.14.0-284.11.1.rt14.296.el9_2fixed 5.14.0-284.11.1.rt14.296.el9_2
A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.

Page 47 of 54