{"id":"CLSA-2023-1695715460","summary":"kernel: Fix of 24 CVEs","details":"- xen/xenbus: don't let xenbus_grant_ring() remove grants in error case {CVE-2022-23040}\n- xen/xenbus: Fix granting of vmalloc'd memory\n- xen/blkfront: don't use gnttab_query_foreign_access() for mapped status {CVE-2022-23036}\n- xen/grant-table: add gnttab_try_end_foreign_access() {CVE-2022-23036}\n- xen/blkfront: don't trust the backend response data blindly\n- xen/blkfront: don't take local copy of a request from the ring page\n- xen/blkfront: read response from backend only once\n- net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free {CVE-2023-4128}\n- net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free {CVE-2023-4128}\n- net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free {CVE-2023-4128}\n- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 {CVE-2022-45919}\n- media: dvb-core: Fix use-after-free due on race condition at dvb_net {CVE-2022-45886}\n- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567}\n- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283}\n- net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() {CVE-2023-4387}\n- tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() {CVE-2022-1462}\n- tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()\n- mmu_gather: Force tlb-flush VM_PFNMAP vmas {CVE-2022-39188}\n- net/sched: cls_u32: Fix reference counter leak leading to overflow {CVE-2023-3609}\n- netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE {CVE-2023-3117}\n- relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268}\n- xfs: verify buffer contents when we skip log replay {CVE-2023-2124}\n- netfilter: nf_tables: stricter validation of element data {CVE-2022-34918}\n- tpm: fix reference counting for struct tpm_chip {CVE-2022-2977}\n- drm/virtio: Fix compile warnings (ents/nents) {CVE-2023-22998}\n- drm/virtio: Correct drm_gem_shmem_get_sg_table() error handling {CVE-2023-22998}\n- drm/virtio: Fix NULL vs IS_ERR checking in virtio_gpu_object_shmem_init {CVE-2023-22998}\n- gfs2: Don't deref jdesc in evict {CVE-2023-3212}\n- drm/i915/gvt: fix double free bug in split_2MB_gtt_entry {CVE-2022-3707}\n- drm/amdkfd: Check for null pointer after calling kmemdup {CVE-2022-3108}\n- hv_netvsc: Add check for kvmalloc_array {CVE-2022-3107}\n- sfc_ef100: potential dereference of null pointer {CVE-2022-3106}\n- RDMA/uverbs: Check for null return of kmalloc_array {CVE-2022-3105}\n- drm: use the lookup lock in drm_is_current_master {CVE-2022-1280}\n- drm: add a locked version of drm_is_current_master {CVE-2022-1280}\n- drm: serialize drm_file.master with a new spinlock {CVE-2022-1280}\n- drm/vmwgfx: fix potential UAF in vmwgfx_surface.c {CVE-2022-1280}\n- drm: protect drm_master pointers in drm_lease.c {CVE-2022-1280}","modified":"2026-06-01T00:30:12.277876771Z","published":"2023-09-26T08:15:54Z","upstream":["CVE-2022-23040","CVE-2022-23036","CVE-2023-4128","CVE-2022-45919","CVE-2022-45886","CVE-2023-3567","CVE-2023-40283","CVE-2023-4387","CVE-2022-1462","CVE-2022-39188","CVE-2023-3609","CVE-2023-3117","CVE-2023-3268","CVE-2023-2124","CVE-2022-34918","CVE-2022-2977","CVE-2023-22998","CVE-2023-3212","CVE-2022-3707","CVE-2022-3108","CVE-2022-3107","CVE-2022-3106","CVE-2022-3105","CVE-2022-1280"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/centos8.4-els/CLSA-2023-1695715460.html"}],"affected":[{"package":{"name":"bpftool","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/bpftool?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-core","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-core?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-cross-headers","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-cross-headers?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-debug","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-debug?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-debug-core","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-debug-core?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-debug-devel","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-debug-modules","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-debug-modules?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-debug-modules-extra","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-debug-modules-internal","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-devel","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-devel?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-headers","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-headers?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-ipaclones-internal","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-modules","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-modules?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-modules-extra","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-modules-extra?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-modules-internal","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-modules-internal?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-selftests-internal","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-selftests-internal?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-tools","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-tools?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-tools-libs","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-tools-libs?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"kernel-tools-libs-devel","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"perf","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/perf?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}},{"package":{"name":"python3-perf","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/python3-perf?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.25.1.el8_4.tuxcare.els11"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2023-1695715460.json"}}],"schema_version":"1.7.5"}