CentOS Linux: CVE-2023-3812: Important: kernel-rt security update (Multiple Advisories)

CentOS Linux: CVE-2023-3812: Important: kernel-rt security update (Multiple Advisories)

Severity

7

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

07/24/2023

Created

11/30/2023

Added

11/29/2023

Modified

01/28/2025

Description

An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Solution(s)

• centos-upgrade-kernel
• centos-upgrade-kernel-rt
• centos-upgrade-kpatch-patch-4_18_0-513_5_1
• centos-upgrade-kpatch-patch-4_18_0-513_5_1-debuginfo
• centos-upgrade-kpatch-patch-4_18_0-513_5_1-debugsource
• centos-upgrade-kpatch-patch-5_14_0-362_13_1
• centos-upgrade-kpatch-patch-5_14_0-362_13_1-debuginfo
• centos-upgrade-kpatch-patch-5_14_0-362_13_1-debugsource
• centos-upgrade-kpatch-patch-5_14_0-362_8_1
• centos-upgrade-kpatch-patch-5_14_0-362_8_1-debuginfo
• centos-upgrade-kpatch-patch-5_14_0-362_8_1-debugsource

References

• CVE-2023-3812