Alma Linux: CVE-2023-1075: Important: kernel security, bug fix, and enhancement update (ALSA-2023-7077)

Alma Linux: CVE-2023-1075: Important: kernel security, bug fix, and enhancement update (ALSA-2023-7077)

Severity

2

CVSS

(AV:L/AC:L/Au:S/C:P/I:N/A:N)

Published

03/27/2023

Created

11/29/2023

Added

11/28/2023

Modified

01/28/2025

Description

A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the list_head, leaking the last byte of the confused field that overlaps with rec->tx_ready.

Solution(s)

• alma-upgrade-bpftool
• alma-upgrade-kernel
• alma-upgrade-kernel-abi-stablelists
• alma-upgrade-kernel-core
• alma-upgrade-kernel-cross-headers
• alma-upgrade-kernel-debug
• alma-upgrade-kernel-debug-core
• alma-upgrade-kernel-debug-devel
• alma-upgrade-kernel-debug-modules
• alma-upgrade-kernel-debug-modules-extra
• alma-upgrade-kernel-devel
• alma-upgrade-kernel-doc
• alma-upgrade-kernel-headers
• alma-upgrade-kernel-modules
• alma-upgrade-kernel-modules-extra
• alma-upgrade-kernel-tools
• alma-upgrade-kernel-tools-libs
• alma-upgrade-kernel-tools-libs-devel
• alma-upgrade-kernel-zfcpdump
• alma-upgrade-kernel-zfcpdump-core
• alma-upgrade-kernel-zfcpdump-devel
• alma-upgrade-kernel-zfcpdump-modules
• alma-upgrade-kernel-zfcpdump-modules-extra
• alma-upgrade-perf
• alma-upgrade-python3-perf

References

• https://attackerkb.com/topics/cve-2023-1075
• CVE - 2023-1075
• https://errata.almalinux.org/8/ALSA-2023-7077.html