CentOS Linux: CVE-2023-1476: Important: kpatch-patch security update (CESA-2023:1659)

CentOS Linux: CVE-2023-1476: Important: kpatch-patch security update (CESA-2023:1659)

Severity

7

CVSS

(AV:L/AC:M/Au:S/C:C/I:C/A:C)

Published

04/05/2023

Created

05/05/2023

Added

04/06/2023

Modified

01/28/2025

Description

A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system.

Solution(s)

• centos-upgrade-kpatch-patch-4_18_0-425_10_1
• centos-upgrade-kpatch-patch-4_18_0-425_10_1-debuginfo
• centos-upgrade-kpatch-patch-4_18_0-425_10_1-debugsource
• centos-upgrade-kpatch-patch-4_18_0-425_13_1
• centos-upgrade-kpatch-patch-4_18_0-425_13_1-debuginfo
• centos-upgrade-kpatch-patch-4_18_0-425_13_1-debugsource
• centos-upgrade-kpatch-patch-4_18_0-425_3_1
• centos-upgrade-kpatch-patch-4_18_0-425_3_1-debuginfo
• centos-upgrade-kpatch-patch-4_18_0-425_3_1-debugsource

References

• CVE-2023-1476