- kernel-4.18.0-477.10.1.el8_8 (almalinux8)
- 4.18.0-477.27.2.el8_8
- 2023-10-07 18:39:28
- 2023-10-19 08:26:12
- K20231007_05
- CVE-2023-32233
- Description:
netfilter: nf_tables: deactivate anonymous set from preparation phase
- CVE: https://access.redhat.com/security/cve/CVE-2023-32233
- Patch: rhel8/4.18.0-477.13.1.el8_8/CVE-2023-32233-netfilter-nf_tables-deactivate-anonymous-set-from-preparation-phase.patch
- From: 4.18.0-477.13.1.el8_8
- CVE-2023-28466
- Description:
net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
- CVE: https://access.redhat.com/security/cve/CVE-2023-28466
- Patch: rhel8/4.18.0-477.15.1.el8_8/CVE-2023-28466-net-tls-fix-possible-race-condition-between-do_tls_getsockopt_conf-and-do_tls_setsockopt_conf.patch
- From: 4.18.0-477.15.1.el8_8
- CVE-2022-42896
- Description:
Bluetooth: L2CAP: Fix accepting connection request
- CVE: https://access.redhat.com/security/cve/CVE-2022-42896
- Patch: rhel8/4.18.0-477.21.1.el8_8/CVE-2022-42896-Bluetooth-L2CAP-Fix-accepting-connection-request-for.patch
- From: 4.18.0-477.21.1.el8_8
- CVE-2023-1281
- Description:
net/sched: tcindex: update imperfect hash filters
- CVE: https://access.redhat.com/security/cve/CVE-2023-1281
- Patch: rhel8/4.18.0-477.21.1.el8_8/CVE-2023-1281-net-sched-tcindex-update-imperfect-hash-filters-resp.patch
- From: 4.18.0-477.21.1.el8_8
- CVE-2023-1829
- Description:
Complex adaptation is required, mainline retired tcindex.
- CVE:
- Patch: skipped/CVE-2023-1829.patch
- From:
- CVE-2023-2124
- Description:
xfs: verify buffer contents when we skip log replay
- CVE: https://access.redhat.com/security/cve/CVE-2023-2124
- Patch: rhel8/4.18.0-477.21.1.el8_8/CVE-2023-2124-xfs-verify-buffer-contents-when-we-skip-log-replay.patch
- From: 4.18.0-477.21.1.el8_8
- CVE-2023-2194
- Description:
i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
- CVE: https://access.redhat.com/security/cve/CVE-2023-2194
- Patch: rhel8/4.18.0-477.21.1.el8_8/CVE-2023-2194-i2c-xgene-slimpro-Fix-out-of-bounds-bug-in-xgene_sli.patch
- From: 4.18.0-477.21.1.el8_8
- CVE-2023-2235
- Description:
perf: Fix check before add_event_to_groups() in perf_group_detach()
- CVE: https://access.redhat.com/security/cve/CVE-2023-2235
- Patch: rhel8/4.18.0-477.21.1.el8_8/CVE-2023-2235-perf-Fix-check-before-add_event_to_groups-in-perf_gr.patch
- From: 4.18.0-477.21.1.el8_8
- CVE-2023-4004
- Description:
netfilter: nft_set_pipapo: fix improper element removal
- CVE: https://access.redhat.com/security/cve/CVE-2023-4004
- Patch: rhel8/4.18.0-477.27.1.el8_8/CVE-2023-4004-netfilter-nft-set-pipapo-fix-improper-element-removal.patch
- From: 4.18.0-477.27.1.el8_8
- CVE-2023-3390
- Description:
netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
- CVE: https://access.redhat.com/security/cve/CVE-2023-3390
- Patch: rhel8/4.18.0-477.27.1.el8_8/CVE-2023-3390-netfilter-nf-tables-incorrect-error-path-handling-with.patch
- From: 4.18.0-477.27.1.el8_8
- CVE-2023-3090
- Description:
ipvlan:Fix out-of-bounds caused by unclear skb->cb
- CVE: https://access.redhat.com/security/cve/CVE-2023-3090
- Patch: rhel8/4.18.0-477.27.1.el8_8/CVE-2023-3090-ipvlan-fix-out-of-bounds-caused-by-unclear-skb-cb.patch
- From: 4.18.0-477.27.1.el8_8
- CVE-2023-35788
- Description:
net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
- CVE: https://access.redhat.com/security/cve/CVE-2023-35788
- Patch: rhel8/4.18.0-477.27.1.el8_8/CVE-2023-35788-net-sched-flower-fix-possible-oob-write-in-fl-set-geneve-opt.patch
- From: 4.18.0-477.27.1.el8_8
- CVE-2023-20593
- Description:
hw: amd: Cross-Process Information Leak
- CVE: https://access.redhat.com/security/cve/cve-2023-20593
- Patch: rhel8/4.18.0-477.27.1.el8_8/CVE-2023-20593-zenbleed.patch
- From: 4.18.0-477.27.1.el8_8
- CVE-2023-3776
- Description:
net/sched: cls_fw: Fix improper refcount update leads to use-after-free
- CVE: https://access.redhat.com/security/cve/CVE-2023-3776
- Patch: rhel8/4.18.0-477.27.1.el8_8/CVE-2023-3776-net-sched-cls-fw-fix-improper-refcount-update-leads-to.patch
- From: 4.18.0-477.27.1.el8_8
- CVE-2023-35001
- Description:
netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
- CVE: https://access.redhat.com/security/cve/CVE-2023-35001
- Patch: rhel8/4.18.0-477.27.1.el8_8/CVE-2023-35001-netfilter-nf_tables-prevent-OOB-access-in-nft_byteorder_eval.patch
- From: 4.18.0-477.27.1.el8_8
- CVE-2023-2002
- Description:
bluetooth: Perform careful capability checks in hci_sock_ioctl()
- CVE: https://access.redhat.com/security/cve/CVE-2023-2002
- Patch: rhel8/4.18.0-477.27.1.el8_8/CVE-2023-2002-bluetooth-perform-careful-capability-checks-in-hci_sock_ioctl.patch
- From: 4.18.0-477.27.1.el8_8
- N/A
- Description:
x86 xen add xenpv restore regs and return to usermode
- CVE: N/A
- Patch: 4.18.0/x86-xen-Add-xenpv_restore_regs_and_return_to_usermode-el8-372.patch
- From: N/A
- N/A
- Description:
kpatch add alt asm definitions
- CVE: N/A
- Patch: 4.18.0/kpatch-add-alt-asm-definitions-el8-372.patch
- From: N/A
- N/A
- Description:
kpatch add paravirt asm definitions
- CVE: N/A
- Patch: 4.18.0/0003-kpatch-add-paravirt-asm-definitions.patch
- From: N/A