-
PSBM-141642
Calling kfree_skb from hardware interrupt may cause deadlock
Avoid possible deadlock and packet loss. Fixes: PSBM-140896 Potential ARP DoS.
-
CVE-2021-4155
Reading data from partially written XFS file block.
A data leak flaw was found in XFS filesystem. An attacker could use this flaw to read deleted data.
https://access.redhat.com/security/cve/cve-2021-4155
-
CVE-2022-22942
Use after free for file descriptor table for vmwgfx
use-after-free flaw was found in the Linux kernel’s vmw_execbuf_copy_fence_user function in vmwgfx. This flaw allows a local attacker with user privileges to cause a privilege escalation problem.
https://access.redhat.com/security/cve/cve-2022-22942
-
CVE-2022-0330
Kernel buffers data leak or race in intel GPU driver.
Incorrect GPU cache flush may allow access to system memory and run malicious code on GPU.
https://access.redhat.com/security/cve/cve-2022-0330
-
PSBM-140896
Potential ARP DoS for containers in host-routed network mode.
-
PSBM-141526
nfs: Excess dput in __put_nfs_open_context leads to a crash.
There is double dput in nfs_prime_dcache(). Because of this excess dput we get a crash in __put_nfs_open_context().
-
CVE-2022-1966
Use-after-free in the netfilter subsystem.
The bug allows to initialize a non-stateful lookup expressions which points to a not properly detached set, which might lead to UAF. Potetntially it leads to privilege escalation.
https://access.redhat.com/security/cve/CVE-2022-1966
-
PSBM-139465
CPU hotplug leads to a VM crash on AMD processors with PCID.
-
CVE-2022-0492
Potential privilege escalation when setting the release_agent.
Setting release_agent could potentially lead to privilege escalation from unprivileged users inside a container to the container root. It couldn't be exploited to escape containers.
https://access.redhat.com/security/cve/CVE-2022-0492
-
CVE-2021-0920
Potential use-after-free in the 'recv' operation of UNIX domain sockets.
Race condition between the garbage collector and the 'recv' operation with MSG_PEEK flag was found in the implementation of UNIX domain sockets. It could result in use-after-free and could potentially allow a local attacker to escalate their privileges in the system.
https://access.redhat.com/security/cve/CVE-2021-0920
-
CVE-2021-4083
Read-after-free in garbage collection for Unix domain socket file handlers.
-
CVE-2021-4028
Use-after-free in RDMA listen().
-
VSTOR-55377
A hole in vstorage FUSE synchronization protocol leading to unsynchronized chunks.
-
PSBM-141136
ms/xfrm: fix crash in XFRM_MSG_GETSA netlink handler