-
CVE-2023-32233
Use after free if modify and delete anonymous set in same nf-tables transaction (fixed)
A use-after-free vulnerability in the Netfilter subsystem when processing batch requests to update nf_tables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user (with CAP_NET_ADMIN capability) could use this flaw to crash the system or potentially escalate their privileges on the system.
-
CVE-2023-4128
Use-after-free in classifiers cls_fw, cls_u32, and cls_route
A use-after-free vulnerability possible local privilege escalation.
-
CVE-2023-42755
Invalid memory access in cls_rsvp traffic classifier
Use after free in rsvp classifier can be used to crash kernel.
-
CVE-2023-42753
Out of bound memory access in ipset module
Possible kernel crash if userspace provide special data for ipset module.
-
PSBM-150027
Race condition in venetdev leading to corrupted data in /proc/net/dev.
Due to a race condition counters in /proc/net/dev periodically deviate significantly either up or down.
-
CVE-2021-45868
quota: check block number when reading the block in quota file
A use-after-free vulnerability in the quota mechanism, leading to a denial of service.
-
CVE-2022-2639
openvswitch: integer underflow leads to out-of-bounds write
An integer coercion error in the openvswitch kernel module potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.
-
CVE-2022-3524
memory leak in ipv6_renew_options
A memory leak in the IPv6 functionality. This flaw allows a user to crash the system.
-
CVE-2022-3566
data races around icsk->icsk_af_ops pointer
A vulnerability in the tcp subsystem. This issue could allow an attacker to leak internal kernel information.
-
CVE-2022-2663
netfilter fix irc helper
A firewall flaw that can bypass the Netfilter functionality. This flaw allows a remote user to gain unauthorized access to the system.
-
CVE-2022-3545
use-after-free in nfp device driver
A vulnerability in the Netronome Flow Processor (NFP) driver. This flaw allows a manipulation that may lead to a use-after-free issue.
-
CVE-2022-4379
NFSv4.1 double svc_xprt_put if rpc_create failures
A use-after-free vulnerability the NFS filesystem. This flaw allows an attacker to conduct a remote denial of service.
-
CVE-2022-0812
xprtrdma incorrect header size calculations
An information leak flaw in NFS over RDMA. This flaw allows an attacker with normal user privileges to leak kernel information.
-
CVE-2022-24448
Handle case where the lookup of a directory but file exists
A flaw in the NFS filesystem. This flaw leads to the kernel's data leak into the userspace.
-
CVE-2022-41858
Null pointer dereference in net SLIP driver
A NULL pointer dereference in the net SLIP driver. This issue could allow an attacker to crash the system or leak internal kernel information.
-
CVE-2023-1838
Double free in net vhost driver error path
A use-after-free in the virtio network subcomponent. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem.
-
CVE-2022-29581
Memory leak in net queue scheduler cls_u32 error handler
A use-after-free in the network subcomponent. This flaw allows a local attacker to crash the system, cause a privilege escalation, and leak kernel information.
-
RK-337
Use after free in packet family socket in prb_retire_rx_blk_timer_expired()
-
CVE-2023-0458
kernel data leak via spectre like gadget
A speculative pointer dereference vulnerabilty that can be used to leak the contents.
-
CVE-2023-2124
Kernel crash on mount invalid xfs image
An out-of-bounds memory access flaw in the XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
-
CVE-2023-2162
Use after free in iscsi driver
A use-after-free in the SCSI sub-component. This issue could allow an attacker to leak kernel internal information.
-
CVE-2023-31436
Out of bound memory access in qfq network packet scheduler
An out-of-bounds memory access flaw in the traffic control (QoS) subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system.
-
CVE-2023-2513
Use after free in ext4 setfattr
A use-after-free vulnerability in the ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw allows a privileged local user to cause a system crash or other undefined behaviors.
-
CVE-2023-30456
Missed CR0 and CR4 register check in KVM subsystem
A flaw in the KVM's Intel nested virtualization feature (nVMX). In rare circumstances (i.e., kvm_intel module loaded with parameters nested=1 and ept=0) this could allow a malicious guest to crash the host system, causing a denial of service.
-
CVE-2023-1074
Memory leak in sctp socket error path
A memory leak in the Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service.
-
CVE-2023-3212
Invalid memory access on mount invalid gfs2 image
A NULL pointer dereference in the gfs2 file system. This flaw allows a privileged local user to cause a kernel panic.
-
CVE-2023-0590
Use after free while changing network packet scheduler
A use-after-free in the network scheduler due to a race problem. This flaw leads to a denial of service issue.
-
CVE-2022-47929
Null pointer dereference in traffic control if try to assing classes to noqueue discipline
A NULL pointer dereference in traffic control. This issue may allow a local unprivileged user to trigger a system crash or leaked internal kernel information.
-
CVE-2023-1095
Null pointer dereference caused by race during updating ntf tables
A NULL pointer dereference in the netfilter subsystem. This flaw allows a local, unprivileged user to crash the system, resulting in a denial of service.
-
CVE-2023-3268
Out of bound memory access during reading relayfs
An out-of-bounds memory access flaw in the relayfs. This flaw allows a local attacker to crash the system or leak kernel internal information.
-
CVE-2023-3567
Use after free in linux console driver
A use-after-free flaw in vc_screen. This flaw allows an attacker with local user access to cause a system crash or leak internal kernel information.
-
CVE-2023-35788
Out of bound memory write in network packet scheduler
A flaw in the TC flower classifier (cls_flower) in the Networking subsystem. This issue occurs when sending two TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets with a total size of 252 bytes, which results in an out-of-bounds write, potentially leading to a denial of service or privilege escalation.
-
CVE-2023-3611
Invalid memory write in network packet scheduler
An out-of-bounds memory write flaw in the Traffic Control (QoS) subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system.
-
CVE-2023-3772
Null pointer dereference in ipsec configuration
A flaw in the IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause kernel crash and denial of service.
-
CVE-2023-3776
Use after free in network packet scheduler
A use-after-free vulnerability in a network scheduler sub-component. This may allow a local attacker to gain local privilege escalation.
-
CVE-2023-3609
Reference counter leak in error path for network packet scheduler
A double-free flaw in the Network Scheduler component. This flaw allows a local attacker to use a failure event to mishandle the reference counter, leading to a local privilege escalation threat.
-
RK-352
rdma connection is not stable enough because low default retry counter
-
CVE-2022-0617
Null pointer dereference after mounting special UDF filesystem image
A NULL pointer dereference in the UDF file system functionality. This flaw allows a local user to crash the system.
-
CVE-2022-20141
Use after free during routing igmp multicast message
A use-after-free flaw in the IGMP protocol. This flaw allows a local user to crash or potentially escalate their privileges on the system.
-
PSBM-147036
Memory leak in cgroup subsystem
Partial fix to prevent memory leak in some cases.
-
VSTOR-62165
fuse: pcs: missing timeout at authentication
Possible deadlock in kernel during connect to cluster storage.
-
PSBM-142789
network packet corruption
Unstable network connection caused by corruption packets in the network card driver.
-
PSBM-143283
stale pointer in oom_context->victim
Possible kernel crash while handling out of memory situation.
-
CVE-2022-3202
Null Pointer Dereference in JFS filesystem.
An attacker could use prepared image to crash the system or leak internal kernel information.
https://access.redhat.com/security/cve/cve-2022-3202
-
PSBM-142895
netfilter: core: Improper NAT hooks collision check.
Hooks collision during nftables and iptables hooks registering.
-
PSBM-141114
blk-cbt: Percpu allocation leak.
A memory leak in Changed Block Tracking code.
-
PSBM-141577
Potential deadlock when lazytime-enabled mounted ploop is running on top of a fuse-based vStorage.
There is a possible deadlock if a lazytime-enabled mounted ploop is running on top of vStorage. This tweak provides the ability to disable default lazytime mount option for ext4 mounts. For technical reasons this tweak is united with the oom_dump_tasks sysctl. You should use this sysctl in the following way: "echo 0 > /proc/sys/vm/oom_dump_tasks" - disable lazytime default and oom tasks dumping; "echo 1 > /proc/sys/vm/oom_dump_tasks" - disable lazytime default, enable oom tasks dumping; "echo 2 > /proc/sys/vm/oom_dump_tasks" - enable lazytime default, disable oom tasks dumping; "echo 3 > /proc/sys/vm/oom_dump_tasks" - enable lazytime default and oom tasks dumping.
-
PSBM-141578
netfilter: nf_tables: NULL pointer access in chain filter.
NULL pointer accsess in nf_tables chain filter leads to node crash.
-
PSBM-141642
Calling kfree_skb from hardware interrupt may cause deadlock
Avoid possible deadlock and packet loss. Fixes: PSBM-140896 Potential ARP DoS.
-
CVE-2021-4155
Reading data from partially written XFS file block.
A data leak flaw was found in XFS filesystem. An attacker could use this flaw to read deleted data.
https://access.redhat.com/security/cve/cve-2021-4155
-
CVE-2022-22942
Use after free for file descriptor table for vmwgfx
use-after-free flaw was found in the Linux kernel’s vmw_execbuf_copy_fence_user function in vmwgfx. This flaw allows a local attacker with user privileges to cause a privilege escalation problem.
https://access.redhat.com/security/cve/cve-2022-22942
-
CVE-2022-0330
Kernel buffers data leak or race in intel GPU driver.
Incorrect GPU cache flush may allow access to system memory and run malicious code on GPU.
https://access.redhat.com/security/cve/cve-2022-0330
-
PSBM-140896
Potential ARP DoS for containers in host-routed network mode.
-
PSBM-141526
nfs: Excess dput in __put_nfs_open_context leads to a crash.
There is double dput in nfs_prime_dcache(). Because of this excess dput we get a crash in __put_nfs_open_context().
-
CVE-2022-1966
Use-after-free in the netfilter subsystem.
The bug allows to initialize a non-stateful lookup expressions which points to a not properly detached set, which might lead to UAF. Potetntially it leads to privilege escalation.
https://access.redhat.com/security/cve/CVE-2022-1966
-
PSBM-139465
CPU hotplug leads to a VM crash on AMD processors with PCID.
-
CVE-2022-0492
Potential privilege escalation when setting the release_agent.
Setting release_agent could potentially lead to privilege escalation from unprivileged users inside a container to the container root. It couldn't be exploited to escape containers.
https://access.redhat.com/security/cve/CVE-2022-0492
-
CVE-2021-0920
Potential use-after-free in the 'recv' operation of UNIX domain sockets.
Race condition between the garbage collector and the 'recv' operation with MSG_PEEK flag was found in the implementation of UNIX domain sockets. It could result in use-after-free and could potentially allow a local attacker to escalate their privileges in the system.
https://access.redhat.com/security/cve/CVE-2021-0920
-
CVE-2021-4083
Read-after-free in garbage collection for Unix domain socket file handlers.
-
CVE-2021-4028
Use-after-free in RDMA listen().
-
CVE-2021-3640
Use-after-free in function sco_sock_sendmsg() of the HCI subsystem.
https://bugzilla.redhat.com/show_bug.cgi?id=1980646
-
VSTOR-78331
ext4/mfsync: BUG_ON if wrong set of files is provided
-
CVE-2023-45871
IGB driver inadequate buffer size for frames larger than MTU
-
CVE-2023-32233-
Use after free if modify and delete anonymous set in same nf-tables transaction (fixed)
-
CVE-2023-4623
Invalid memory access in hfsc packet scheduler
-
CVE-2023-4622
Null pointer dereference in unix local sockets during sendfile()
-
CVE-2022-4378
proc string out of bound in proc_skip_spaces()
-
CVE-2022-3564
bluetooth use-after-free in bluetooth l2cap_rx_state_recv
-
PSBM-145379
netfilter per/cpu memory leak on error path
-
PSBM-145324
fix device_rename for containers
-
CVE-2022-2588
use-after-free in cls_route filter
-
PSBM-145263
virtualize timestamps in /dev/ksmg and syslog outputs
-
CVE-2022-1353
kernel data leak in pfkey_register
-
VSTOR-55377
A hole in vstorage FUSE synchronization protocol leading to unsynchronized chunks.
-
PSBM-141136
ms/xfrm: fix crash in XFRM_MSG_GETSA netlink handler