RHBA-2023:6835 - Bug Fix Advisory

Topic

Updated dpdk-base container image is now available for Red Hat OpenShift Container Platform 4.13.

Description

The dpdk-base container image has been updated for Red Hat OpenShift Container Platform 4.13 to address the following security advisory: RHSA-2023:6583 (see References)

Users of dpdk-base container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in Red Hat Container Catalog (see References).

Solution

The Red Hat OpenShift Container Platform 4.13 container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).

Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.

Affected Products

• Red Hat OpenShift Container Platform 4.13 for RHEL 8 x86_64

Fixes

• BZ - 2133453 - CVE-2022-40133 kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context
• BZ - 2133455 - CVE-2022-38457 kernel: vmwgfx: use-after-free in vmw_cmd_res_check
• BZ - 2143906 - CVE-2022-3523 Kernel: race when faulting a device private page in memory manager
• BZ - 2147356 - CVE-2022-42895 kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c
• BZ - 2149024 - CVE-2022-3594 kernel: Rate limit overflow messages in r8152 in intr_callback
• BZ - 2150953 - CVE-2022-3565 kernel: use-after-free in l1oip timer handlers
• BZ - 2165926 - CVE-2023-0597 kernel: x86/mm: Randomize per-cpu entry area
• BZ - 2169343 - CVE-2023-3358 kernel: NULL pointer dereference due to missing kalloc() return value check in shtp_cl_get_dma_send_buf()
• BZ - 2169719 - CVE-2023-1249 kernel: missing mmap_lock in file_files_note that could possibly lead to a use after free in the coredump code
• BZ - 2173403 - CVE-2023-1073 kernel: HID: check empty report_list in hid_validate_values()
• BZ - 2173430 - CVE-2023-1074 kernel: sctp: fail if no bound addresses can be used for a given scope
• BZ - 2173434 - CVE-2023-1075 kernel: net/tls: tls_is_tx_ready() checked list_entry
• BZ - 2173435 - CVE-2023-1076 kernel: tap: tap_open(): correctly initialize socket uid
• BZ - 2173444 - CVE-2023-1079 kernel: hid: Use After Free in asus_remove()
• BZ - 2175903 - CVE-2023-1206 kernel: hash collisions in the IPv6 connection lookup table
• BZ - 2176140 - CVE-2023-1252 kernel: ovl: fix use after free in struct ovl_aio_req
• BZ - 2182031 - CVE-2023-1652 Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c
• BZ - 2182443 - CVE-2023-26545 kernel: mpls: double free on sysctl allocation failure
• BZ - 2184578 - CVE-2023-1855 kernel: use-after-free bug in remove function xgene_hwmon_remove
• BZ - 2185945 - CVE-2023-1989 kernel: Use after free bug in btsdio_remove due to race condition
• BZ - 2188468 - CVE-2023-30456 kernel: KVM: nVMX: missing consistency checks for CR0 and CR4
• BZ - 2192667 - CVE-2023-33203 kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove()
• BZ - 2213199 - CVE-2023-3141 kernel: Use after free bug in r592_remove
• BZ - 2213485 - CVE-2023-3161 kernel: fbcon: shift-out-of-bounds in fbcon_set_font()
• BZ - 2213802 - CVE-2023-4155 kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability
• BZ - 2214348 - CVE-2023-3212 kernel: gfs2: NULL pointer dereference in gfs2_evict_inode()
• BZ - 2215502 - CVE-2023-3268 kernel: out-of-bounds access in relay_file_read
• BZ - 2215837 - CVE-2023-35825 kernel: r592: race condition leading to use-after-free in r592_remove()
• BZ - 2218195 - CVE-2023-33951 kernel: vmwgfx: race condition leading to information disclosure vulnerability
• BZ - 2218212 - CVE-2023-33952 kernel: vmwgfx: double free within the handling of vmw_buffer_object objects
• BZ - 2218943 - CVE-2023-3772 kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params()
• BZ - 2218944 - CVE-2023-3773 kernel: xfrm: out-of-bounds read of XFRMA_MTIMER_THRESH nlattr
• BZ - 2221609 - CVE-2023-4273 kernel: exFAT: stack overflow in exfat_get_uniname_from_ext_entry
• BZ - 2223949 - CVE-2022-40982 hw: Intel: Gather Data Sampling (GDS) side channel vulnerability
• BZ - 2225201 - CVE-2023-3609 kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails
• BZ - 2225511 - CVE-2023-4128 CVE-2023-4206 CVE-2023-4207 CVE-2023-4208 kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route
• BZ - 2226783 - CVE-2023-39191 kernel: eBPF: insufficient stack type checks in dynptr
• BZ - 2229498 - CVE-2023-4194 kernel: tap: tap_open(): correctly initialize socket uid next fix of i_uid to current_fsuid

CVEs

• CVE-2007-4559
• CVE-2022-3523
• CVE-2022-3565
• CVE-2022-3594
• CVE-2022-4285
• CVE-2022-38457
• CVE-2022-40133
• CVE-2022-40982
• CVE-2022-42895
• CVE-2023-0597
• CVE-2023-1073
• CVE-2023-1074
• CVE-2023-1075
• CVE-2023-1076
• CVE-2023-1079
• CVE-2023-1206
• CVE-2023-1249
• CVE-2023-1252
• CVE-2023-1652
• CVE-2023-1855
• CVE-2023-1989
• CVE-2023-3141
• CVE-2023-3161
• CVE-2023-3212
• CVE-2023-3268
• CVE-2023-3358
• CVE-2023-3609
• CVE-2023-3772
• CVE-2023-3773
• CVE-2023-4016
• CVE-2023-4128
• CVE-2023-4155
• CVE-2023-4194
• CVE-2023-4206
• CVE-2023-4207
• CVE-2023-4208
• CVE-2023-4273
• CVE-2023-4641
• CVE-2023-22745
• CVE-2023-26545
• CVE-2023-30456
• CVE-2023-31486
• CVE-2023-33203
• CVE-2023-33951
• CVE-2023-33952
• CVE-2023-35825
• CVE-2023-39191

References

• https://access.redhat.com/errata/RHSA-2023:6583
• https://catalog.redhat.com/software/containers/registry/registry.access.redhat.com/repository/dpdk-base