readykernel-patch-185.3-156.4-1.vl7

A use-after-free vulnerability in the quota mechanism, leading to a denial of service.

An integer coercion error in the openvswitch kernel module potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.

A memory leak in the IPv6 functionality. This flaw allows a user to crash the system.

A vulnerability in the tcp subsystem. This issue could allow an attacker to leak internal kernel information.

A firewall flaw that can bypass the Netfilter functionality. This flaw allows a remote user to gain unauthorized access to the system.

A vulnerability in the Netronome Flow Processor (NFP) driver. This flaw allows a manipulation that may lead to a use-after-free issue.

A use-after-free vulnerability the NFS filesystem. This flaw allows an attacker to conduct a remote denial of service.

An information leak flaw in NFS over RDMA. This flaw allows an attacker with normal user privileges to leak kernel information.

A flaw in the NFS filesystem. This flaw leads to the kernel's data leak into the userspace.

A NULL pointer dereference in the net SLIP driver. This issue could allow an attacker to crash the system or leak internal kernel information.

A use-after-free in the virtio network subcomponent. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem.

A use-after-free in the network subcomponent. This flaw allows a local attacker to crash the system, cause a privilege escalation, and leak kernel information.

A use-after-free flaw in the IGMP protocol. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Possible deadlock in kernel during connect to cluster storage.

Unstable network connection caused by corruption packets in the network card driver.

Possible kernel crash while handling out of memory situation.

An attacker could use prepared image to crash the system or leak internal kernel information.

Hooks collision during nftables and iptables hooks registering.

A memory leak in Changed Block Tracking code.

There is a possible deadlock if a lazytime-enabled mounted ploop is running on top of vStorage. This tweak provides the ability to disable default lazytime mount option for ext4 mounts. For technical reasons this tweak is united with the oom_dump_tasks sysctl. You should use this sysctl in the following way: "echo 0 > /proc/sys/vm/oom_dump_tasks" - disable lazytime default and oom tasks dumping; "echo 1 > /proc/sys/vm/oom_dump_tasks" - disable lazytime default, enable oom tasks dumping; "echo 2 > /proc/sys/vm/oom_dump_tasks" - enable lazytime default, disable oom tasks dumping; "echo 3 > /proc/sys/vm/oom_dump_tasks" - enable lazytime default and oom tasks dumping.

NULL pointer accsess in nf_tables chain filter leads to node crash.

Avoid possible deadlock and packet loss. Fixes: PSBM-140896 Potential ARP DoS.

A data leak flaw was found in XFS filesystem. An attacker could use this flaw to read deleted data.

use-after-free flaw was found in the Linux kernel’s vmw_execbuf_copy_fence_user function in vmwgfx. This flaw allows a local attacker with user privileges to cause a privilege escalation problem.

Incorrect GPU cache flush may allow access to system memory and run malicious code on GPU.

There is double dput in nfs_prime_dcache(). Because of this excess dput we get a crash in __put_nfs_open_context().

The bug allows to initialize a non-stateful lookup expressions which points to a not properly detached set, which might lead to UAF. Potetntially it leads to privilege escalation.

Setting release_agent could potentially lead to privilege escalation from unprivileged users inside a container to the container root. It couldn't be exploited to escape containers.

Race condition between the garbage collector and the 'recv' operation with MSG_PEEK flag was found in the implementation of UNIX domain sockets. It could result in use-after-free and could potentially allow a local attacker to escalate their privileges in the system.