VYPR

rpm package

almalinux/kernel-rt-kvm

pkg:rpm/almalinux/kernel-rt-kvm

Vulnerabilities (523)

  • CVE-2023-3610Jul 21, 2023
    affected < 5.14.0-284.30.1.rt14.315.el9_2fixed 5.14.0-284.30.1.rt14.315.el9_2

    A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET

  • CVE-2023-35001Jul 5, 2023
    affected < 5.14.0-284.30.1.rt14.315.el9_2fixed 5.14.0-284.30.1.rt14.315.el9_2

    Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace

  • CVE-2023-31248Jul 5, 2023
    affected < 5.14.0-284.30.1.rt14.315.el9_2fixed 5.14.0-284.30.1.rt14.315.el9_2

    Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace

  • CVE-2023-3390Jun 28, 2023
    affected < 5.14.0-284.30.1.rt14.315.el9_2fixed 5.14.0-284.30.1.rt14.315.el9_2

    A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This fl

  • CVE-2023-3090Jun 28, 2023
    affected < 5.14.0-284.25.1.rt14.310.el9_2fixed 5.14.0-284.25.1.rt14.310.el9_2

    A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_

  • CVE-2023-35788Jun 16, 2023
    affected < 5.14.0-284.25.1.rt14.310.el9_2fixed 5.14.0-284.25.1.rt14.310.el9_2

    An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

  • CVE-2023-2002May 26, 2023
    affected < 5.14.0-284.18.1.rt14.303.el9_2fixed 5.14.0-284.18.1.rt14.303.el9_2

    A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availabil

  • CVE-2023-1195May 18, 2023
    affected < 5.14.0-284.11.1.rt14.296.el9_2fixed 5.14.0-284.11.1.rt14.296.el9_2

    A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.

  • CVE-2023-2124May 15, 2023
    affected < 5.14.0-284.18.1.rt14.303.el9_2fixed 5.14.0-284.18.1.rt14.303.el9_2

    An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.

  • CVE-2023-21102May 15, 2023
    affected < 5.14.0-284.30.1.rt14.315.el9_2fixed 5.14.0-284.30.1.rt14.315.el9_2

    In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Pr

  • CVE-2023-32233May 8, 2023
    affected < 4.18.0-477.13.1.rt7.276.el8_8fixed 4.18.0-477.13.1.rt7.276.el8_8

    In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mis

  • CVE-2023-2235May 1, 2023
    affected < 5.14.0-284.18.1.rt14.303.el9_2fixed 5.14.0-284.18.1.rt14.303.el9_2

    A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it p

  • CVE-2023-0458Apr 26, 2023
    affected < 5.14.0-284.25.1.rt14.310.el9_2fixed 5.14.0-284.25.1.rt14.310.el9_2

    A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 o

  • CVE-2023-1998Apr 21, 2023
    affected < 5.14.0-284.25.1.rt14.310.el9_2fixed 5.14.0-284.25.1.rt14.310.el9_2

    The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim pr

  • CVE-2023-2194Apr 20, 2023
    affected < 5.14.0-284.18.1.rt14.303.el9_2fixed 5.14.0-284.18.1.rt14.303.el9_2

    An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could al

  • CVE-2023-1382Apr 19, 2023
    affected < 5.14.0-284.11.1.rt14.296.el9_2fixed 5.14.0-284.11.1.rt14.296.el9_2

    A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel.

  • CVE-2023-1829Apr 12, 2023
    affected < 4.18.0-477.21.1.rt7.284.el8_8fixed 4.18.0-477.21.1.rt7.284.el8_8

    A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying struc

  • CVE-2023-1582Apr 5, 2023
    affected < 4.18.0-477.10.1.rt7.274.el8_8fixed 4.18.0-477.10.1.rt7.274.el8_8

    A race problem was found in fs/proc/task_mmu.c in the memory management sub-component in the Linux kernel. This issue may allow a local attacker with user privilege to cause a denial of service.

  • CVE-2022-4744Mar 30, 2023
    affected < 5.14.0-162.22.2.rt21.186.el9_1fixed 5.14.0-162.22.2.rt21.186.el9_1

    A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the

  • CVE-2023-1637Mar 27, 2023
    affected < 5.14.0-284.30.1.rt14.315.el9_2fixed 5.14.0-284.30.1.rt14.315.el9_2

    A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. A local user could use this flaw to potentially get unaut

Page 21 of 27