readykernel-patch-191.4-156.4-1.vl7

Kernel Update Version:
3.10.0-1160.80.1.vz7.191.4
Release Date:
2023-05-22 07:28:02
  • CVE-2021-45868

    quota: check block number when reading the block in quota file

    A use-after-free vulnerability in the quota mechanism, leading to a denial of service.
  • CVE-2022-2639

    openvswitch: integer underflow leads to out-of-bounds write

    An integer coercion error in the openvswitch kernel module potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.
  • CVE-2022-3524

    memory leak in ipv6_renew_options

    A memory leak in the IPv6 functionality. This flaw allows a user to crash the system.
  • CVE-2022-3566

    data races around icsk->icsk_af_ops pointer

    A vulnerability in the tcp subsystem. This issue could allow an attacker to leak internal kernel information.
  • CVE-2022-2663

    netfilter fix irc helper

    A firewall flaw that can bypass the Netfilter functionality. This flaw allows a remote user to gain unauthorized access to the system.
  • CVE-2022-3545

    use-after-free in nfp device driver

    A vulnerability in the Netronome Flow Processor (NFP) driver. This flaw allows a manipulation that may lead to a use-after-free issue.
  • CVE-2022-4379

    NFSv4.1 double svc_xprt_put if rpc_create failures

    A use-after-free vulnerability the NFS filesystem. This flaw allows an attacker to conduct a remote denial of service.
  • CVE-2022-0812

    xprtrdma incorrect header size calculations

    An information leak flaw in NFS over RDMA. This flaw allows an attacker with normal user privileges to leak kernel information.
  • CVE-2022-24448

    Handle case where the lookup of a directory but file exists

    A flaw in the NFS filesystem. This flaw leads to the kernel's data leak into the userspace.
  • CVE-2022-41858

    Null pointer dereference in net SLIP driver

    A NULL pointer dereference in the net SLIP driver. This issue could allow an attacker to crash the system or leak internal kernel information.
  • CVE-2023-1838

    Double free in net vhost driver error path

    A use-after-free in the virtio network subcomponent. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem.
  • CVE-2022-29581

    Memory leak in net queue scheduler cls_u32 error handler

    A use-after-free in the network subcomponent. This flaw allows a local attacker to crash the system, cause a privilege escalation, and leak kernel information.
  • CVE-2022-20141

    Use after free during routing igmp multicast message

    A use-after-free flaw in the IGMP protocol. This flaw allows a local user to crash or potentially escalate their privileges on the system.
  • VSTOR-62689

    fuse: pcs: fix incorrect update of dirty status

    Possible data loss in cluster storage.
  • VSTOR-62165

    fuse: pcs: missing timeout at authentication

    Possible deadlock in kernel during connect to cluster storage.
  • CVE-2022-4378

    proc string out of bound in proc_skip_spaces()

  • CVE-2022-3564

    bluetooth use-after-free in bluetooth l2cap_rx_state_recv

  • PSBM-145379

    netfilter per/cpu memory leak on error path

  • PSBM-145324

    fix device_rename for containers

  • PSBM-145263

    virtualize timestamps in /dev/ksmg and syslog outputs

  • CVE-2022-1353

    kernel data leak in pfkey_register