CESA-2022:0620 -- centos 7 kernel,bpftool,perf,python-perfID: oval:org.secpod.oval:def:205942 | Date: (C)2022-03-17 (M)2024-05-22 |
Class: PATCH | Family: unix |
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * kernel: use after free in eventpoll.c may lead to escalation of privilege * kernel: Use After Free in unix_gc which could result in a local privilege escalation * kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL * kernel: possible privileges escalation due to missing TLB flush * kernel: failing usercopy allows for use-after-free exploitation * kernel: out of bounds write in hid-multitouch.c may lead to escalation of privilege * kernel: double free in bluetooth subsystem when the HCI device initialization fails * kernel: use-after-free in function hci_sock_bound_ioctl * kernel: possible use-after-free in bluetooth module For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: * Kernel with enabled BERT does not decode CPU fatal events correctly * RHEL 7.9 - Call trace seen during controller random reset on IB config * Infinite loop in blk_set_queue_dying from blk_queue_for_each_rl when another CPU races and modifies the queue"s blkg_list * NFS client kernel crash in NFS4 backchannel transmit path - ftrace_raw_event_rpc_task_queued called from rpc_run_bc_task * SELinux is preventing / from mount access on the filesystem /proc
Product: |
kernel |
bpftool |
perf |
python-perf |