RLSA-2023:1584 --- kernel-rtID: oval:org.secpod.oval:def:4501406 | Date: (C)2023-06-19 (M)2024-05-22 |
Class: PATCH | Family: unix |
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF * kernel: FUSE filesystem low-privileged user privileges escalation * kernel: net: CPU soft lockup in TC mirred egress-to-ingress action For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: * Lazy irq_work does not raise softirq on PREEMPT_RT [rhel-8] * The latest Rocky Linux 8.7.z3 kernel changes need to be merged into the RT source tree to keep source parity between the two kernels