Bug 2065587
Summary: | CVE-2022-0435 kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS [CentOS Stream 8] | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | Sandro Bonazzola <sbonazzo> |
Component: | kernel | Assignee: | Don Howard <dhoward> |
kernel sub component: | Packaging | QA Contact: | Red Hat Kernel QE team <kernel-qe> |
Status: | CLOSED CURRENTRELEASE | Docs Contact: | |
Severity: | high | ||
Priority: | high | CC: | acaringi, bstinson, jarod, jwboyer |
Version: | CentOS Stream | Keywords: | Security, SecurityTracking |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | No Doc Update | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2022-03-21 13:38:41 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 2048738, 2056597 |
Description
Sandro Bonazzola
2022-03-18 09:30:00 UTC
As of March 18th https://koji.mbox.centos.org/koji/packageinfo?packageID=866 didn't get the fix yet. Just adding a note here, that even kernel-4.18.0-373.el8 not yet built for CentOS Stream 8 is missing the fix according to the changelog at https://git.centos.org/rpms/kernel/c/7ae59b72bcca86907a4a14fadbea4d30dfeef357?branch=c8s [kernel-4.18.0-383.el8](https://koji.mbox.centos.org/koji/buildinfo?buildID=21679) includes the fix for this CVE. |