-
CVE-2022-3202
Null Pointer Dereference in JFS filesystem.
An attacker could use prepared image to crash the system or leak internal kernel information.
https://access.redhat.com/security/cve/cve-2022-3202
-
PSBM-142895
netfilter: core: Improper NAT hooks collision check.
Hooks collision during nftables and iptables hooks registering.
-
PSBM-141114
blk-cbt: Percpu allocation leak.
A memory leak in Changed Block Tracking code.
-
PSBM-141577
Potential deadlock when lazytime-enabled mounted ploop is running on top of a fuse-based vStorage.
There is a possible deadlock if a lazytime-enabled mounted ploop is running on top of vStorage. This tweak provides the ability to disable default lazytime mount option for ext4 mounts. For technical reasons this tweak is united with the oom_dump_tasks sysctl. You should use this sysctl in the following way: "echo 0 > /proc/sys/vm/oom_dump_tasks" - disable lazytime default and oom tasks dumping; "echo 1 > /proc/sys/vm/oom_dump_tasks" - disable lazytime default, enable oom tasks dumping; "echo 2 > /proc/sys/vm/oom_dump_tasks" - enable lazytime default, disable oom tasks dumping; "echo 3 > /proc/sys/vm/oom_dump_tasks" - enable lazytime default and oom tasks dumping.
-
PSBM-141578
netfilter: nf_tables: NULL pointer access in chain filter.
NULL pointer accsess in nf_tables chain filter leads to node crash.
-
CVE-2021-4155
Reading data from partially written XFS file block.
A data leak flaw was found in XFS filesystem. An attacker could use this flaw to read deleted data.
https://access.redhat.com/security/cve/cve-2021-4155
-
CVE-2022-22942
Use after free for file descriptor table for vmwgfx
use-after-free flaw was found in the Linux kernel’s vmw_execbuf_copy_fence_user function in vmwgfx. This flaw allows a local attacker with user privileges to cause a privilege escalation problem.
https://access.redhat.com/security/cve/cve-2022-22942
-
CVE-2022-0330
Kernel buffers data leak or race in intel GPU driver.
Incorrect GPU cache flush may allow access to system memory and run malicious code on GPU.
https://access.redhat.com/security/cve/cve-2022-0330
-
PSBM-140896
Potential ARP DoS for containers in host-routed network mode.
-
PSBM-141526
nfs: Excess dput in __put_nfs_open_context leads to a crash.
There is double dput in nfs_prime_dcache(). Because of this excess dput we get a crash in __put_nfs_open_context().
-
CVE-2022-1966
Use-after-free in the netfilter subsystem.
The bug allows to initialize a non-stateful lookup expressions which points to a not properly detached set, which might lead to UAF. Potetntially it leads to privilege escalation.
https://access.redhat.com/security/cve/CVE-2022-1966
-
PSBM-139465
CPU hotplug leads to a VM crash on AMD processors with PCID.
-
CVE-2022-0492
Potential privilege escalation when setting the release_agent.
Setting release_agent could potentially lead to privilege escalation from unprivileged users inside a container to the container root. It couldn't be exploited to escape containers.
https://access.redhat.com/security/cve/CVE-2022-0492
-
CVE-2021-0920
Potential use-after-free in the 'recv' operation of UNIX domain sockets.
Race condition between the garbage collector and the 'recv' operation with MSG_PEEK flag was found in the implementation of UNIX domain sockets. It could result in use-after-free and could potentially allow a local attacker to escalate their privileges in the system.
https://access.redhat.com/security/cve/CVE-2021-0920
-
CVE-2021-4083
Read-after-free in garbage collection for Unix domain socket file handlers.
-
CVE-2021-4028
Use-after-free in RDMA listen().
-
PSBM-136140
A flaw in XFS allows non-root users to read raw data from a mounted block device (CVE-2021-4155).
-
PSBM-136851
Potential memory corruption in nfsd4_lock().
-
PSBM-136295
fs/locks.c: Node crash BUG in locks_insert_block().
-
PSBM-136369
fs: potential kernel crash in inode_permission() when processing paths containing '..'.
-
PSBM-134905
nfsd: memory corruption and kernel crash in nfsd4_lock.
It was discovered that certain operations with locks on NFS could result in a memory corruption and kernel crash in nfsd4_lock(). Note that, although the patch prevents new issues of this kind, it cannot fix the corruptions that have already occurred. So, kernel crashes are still possible even within a few hours after the ReadyKernel update has been applied, but should disappear after the reboot of the affected nodes.
-
PSBM-131551
Virtual machines might fail to start on a host with AMD Milan CPU.
It was discovered that virtual machines on the hosts with AMD Milan CPUs could try to set IA32_SPEC_CTRL MSR during their startup and would fail to start: qemu-kvm would be killed by SIGABRT.
-
PSBM-130907
Kernel crash due to lack of enough skb headroom.
It was found that the kernel could crash (skb_under_panic) when TEE target mirrors traffic to another interface. In this case skb may not have enough headroom to be processed correctly. It had been fixed for IPv4 but IPv6 continued to have the bug.
-
PSBM-134323
Memory allocation failed unexpectedly in __add_to_page_cache_locked().
Ext4 FS was unexpectedly remounted read-only in a container after the container reached the limits set in the memory cgroup. It happened because the relevant memory allocations failed in __add_to_page_cache_locked while __GFP_NOFAIL flag was dropped for certain reason.
-
PSBM-133610
Memory leak happened in socket(2) if allocation of a file descriptor failed.
It was discovered that lldpad consumed lots of kernel memory. The kernel memory used for the sockets it created was never released in case of certain errors.
-
PSBM-130508
ext4: using RENAME_WHITEOUT flag when renaming files could cause file system errors ('deleted inode referenced').
-
CVE-2021-33909
size_t-to-int conversion vulnerability in the filesystem layer.
It was discovered that the implementation of seq_file files in the Linux kernel contained an error related to integer conversion (size_t to a signed integer). A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code.
https://www.openwall.com/lists/oss-security/2021/07/20/1
-
PSBM-130509
After certain operations with detached mounts, attempts to mount anything could unexpectedly fail with error 'No space left on device'.
-
PSBM-130693
ceph: out-of-bounds accesses in dio_get_pagev_size() caused memory corruption.
-
PSBM-130575
Network overlay 'weave' failed to create pairs of veth devices.
It was discovered that 'weave' network overlay used with Kubernetes tried to create veth devices with MTU 65535 in certain cases. Such operations failed because the maximum allowed MTU was 1500.
-
PSBM-129500
netfilter: potential kernel crash in nft_rbtree_deactivate().
-
PSBM-129412
'pcompact' operation could trigger memory leaks when 'io_kaio' I/O engine was used by ploop.
-
PSBM-129303
I/O operations could be significantly slower if 'io_kaio' rather than 'io_direct' I/O engine was used by ploop.
It was discovered that file preallocation was not requested by ploop with 'io_kaio' I/O engine. As a result, certain write operations to ploop devices could be significantly slower with 'io_kaio' than with 'io_direct' I/O engine.
-
PSBM-128205
sch_teql: kernel crash in teql_destroy().
-
PSBM-129374
ext4: timestamps could be updated in wrong inodes in certain cases, if the filesystem was mounted with 'lazytime' option.
-
VSTOR-55377
A hole in vstorage FUSE synchronization protocol leading to unsynchronized chunks.
-
PSBM-141136
ms/xfrm: fix crash in XFRM_MSG_GETSA netlink handler