RLSA-2023:0979 --- kernel-rtID: oval:org.secpod.oval:def:5800040 | Date: (C)2023-03-23 (M)2024-05-22 |
Class: PATCH | Family: unix |
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: use-after-free caused by l2cap_reassemble_sdu in net/bluetooth/l2cap_core.c * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces * kernel: use-after-free in __nfs42_ssc_open in fs/nfs/nfs4file.c leading to remote Denial of Service attack * kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan * kernel: an out-of-bounds vulnerability in i2c-ismt driver For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: * kernel-rt: update RT source tree to the latest Rocky Linux-9.1.z2 Batch