RLSA-2023:4541 --- kernel-rtID: oval:org.secpod.oval:def:4501495 | Date: (C)2023-10-20 (M)2024-05-22 |
Class: PATCH | Family: unix |
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: * kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c * kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation * kernel: Use-after-free vulnerability in the Linux Kernel traffic control index filter * kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events * kernel: OOB access in the Linux kernel"s XFS subsystem * kernel: i2c: out-of-bounds write in xgene_slimpro_i2c_xfer For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: * Addding the building of i915 driver to 8.8 * kernel-rt: update RT source tree to the Rocky Linux-8.8.z2 source tree