Description:
- cgroup: Use open-time cgroup namespace for process migration perm checks {CVE-2021-4197}
- cgroup: Use open-time credentials for process migraton perm checks {CVE-2021-4197}
- cgroup: cgroup.{procs,threads} factor out common parts
- cgroup: unify attach permission checking
- vt: drop old FONT ioctls {CVE-2021-33656}
- fbmem: Check virtual screen sizes in fb_set_var() {CVE-2021-33655}
- fbcon: Prevent that screen size is smaller than font size {CVE-2021-33655}
- fbcon: Disallow setting font bigger than screen size {CVE-2021-33655}
- KVM: nVMX: add missing consistency checks for CR0 and CR4 {CVE-2023-30456}
- net: usb: ax88179_178a: Fix packet receiving {CVE-2022-2964}
- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup {CVE-2022-2964}
- net: usb: ax88179_178a: fix packet alignment padding {CVE-2022-2964}
- ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32
- KVM: x86/mmu: do compare-and-exchange of gPTE via the user address {CVE-2022-1158}
- RDMA/cma: Do not change route.addr.src_addr.ss_family {CVE-2021-4028}
- RDMA/cma: Make the locking for automatic state transition more clear
- ath10k: Validate first subframe of A-MSDU before processing the list {CVE-2020-24588}
- ath10k: drop MPDU which has discard flag set by firmware for SDIO {CVE-2020-24588}
- mac80211: drop A-MSDUs on old ciphers {CVE-2020-24588}
- cfg80211: mitigate A-MSDU aggregation attacks {CVE-2020-24588}
- ipv4: make exception cache less predictible {CVE-2021-20322}
- ipv4: use siphash instead of Jenkins in fnhe_hashfun() {CVE-2021-20322}
- ipv6: make exception cache less predictible {CVE-2021-20322}
- ipv6: use siphash in rt6_exception_hash() {CVE-2021-20322}
- ipv6: use jhash2() in rt6_exception_hash()
- psi: Fix uaf issue when psi trigger is destroyed while being polled {CVE-2022-2938}
- psi: fix possible trigger missing in the window
- cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv
- cgroup: make per-cgroup pressure stall tracking configurable
- netfilter: nf_tables_offload: incorrect flow offload action array size {CVE-2022-25636}
- netfilter: nftables_offload: KASAN slab-out-of-bounds Read in nft_flow_rule_create
- cgroup: fix psi monitor for root cgroup
- cgroup/cgroup.c: replace 'of->kn->priv' with of_cft()
- Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm {CVE-2022-42896}
- Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM {CVE-2022-42896}
- devlink: Fix use-after-free after a failed reload {CVE-2022-3625}
- KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS {CVE-2022-2196}
- net/sched: tcindex: update imperfect hash filters respecting rcu {CVE-2023-1281}
- seq_buf: Fix overflow in seq_buf_putmem_hex() {CVE-2023-28772}
- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() {CVE-2023-1380}
- kvm: initialize all of the kvm_debugregs structure before sending it to userspace {CVE-2023-1513}
- Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work {CVE-2023-1989}
- net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg {CVE-2023-31436}
- cgroup-v1: Require capabilities to set release_agent {CVE-2022-0492}
- net: sched: fix use-after-free in tc_new_tfilter() {CVE-2022-1055}
- SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() {CVE-2022-28893}
- net/sched: cls_u32: fix netns refcount changes in u32_change() {CVE-2022-29581}
- i2c: ismt: Fix an out-of-bounds bug in ismt_access() {CVE-2022-2873}
- ovl: fail on invalid uid/gid mapping at copy up {CVE-2023-0386}
Updated packages:
-
bpftool-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:b94b731c034745e69d87843e906bffbb77b9ec26
-
kernel-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:86ee104c3a4054652a811391351ececb3e632540
-
kernel-core-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:e67db2a923283d993b5c56bc5411b9b0f54c6abf
-
kernel-cross-headers-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:ded0bffd0690288b7f21694f03f9a07d88ba3488
-
kernel-debug-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:1226f4d9c54a6fe7a9f9966a8a3fa4cf32834dd5
-
kernel-debug-core-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:5ec8e3a51febeada24259b6c8ac89a76cf7a5a4e
-
kernel-debug-devel-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:b7c6acc6a64869ee19c2fd7417e4f0a3125f62a3
-
kernel-debug-modules-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:1b79609af751c26640f8885ccaccc4e3a954f826
-
kernel-debug-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:8a89a28829ea6d1ecc19f92d238d9c9e36ff676e
-
kernel-debug-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:23739c357f4724c204fb42b9ef66f860260d7ecc
-
kernel-devel-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:fb64331cda0de64812ca4296e1ea01524f1c42c1
-
kernel-headers-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:5c562b07d89c84f4429c2de2953fa9012e2de0da
-
kernel-ipaclones-internal-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:0ec35861c82e691b38c8156a33ff783067a64d2c
-
kernel-modules-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:4538ee213e1ffe2a4743434f5eddbb79f52c2944
-
kernel-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:8038041a901d326f07637c98f987544328e675f3
-
kernel-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:bbf779e50cf29636d098189d0d5dfb2ea491e39f
-
kernel-selftests-internal-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:4288bdcd1bb0e8b1fb71072e10db312c8bb014aa
-
kernel-tools-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:73712d81e746e10ff3ad20b3340a280b8b0560b7
-
kernel-tools-libs-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:3ff3cd34d4b44b7a203abafc6e8fb94221d3aa22
-
kernel-tools-libs-devel-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:497266dc689f1d6aa3f9567365fa1979d27514bf
-
perf-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:5b7f49638015f32a4165a5069f8000fa49b0ca80
-
python3-perf-4.18.0-305.25.1.el8_4.tuxcare.els8.x86_64.rpm
sha:9a5c0915f401398d9d6ea8cf232457f5681de2d8
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
