The linux kernels driver for the "ASIX AX88179_178A based USB 2.0/3.0 Gigabit Ethernet Devices" contains multiple out-of-bounds reads and possible writes in the ax88179_rx_fixup() function. References: https://www.spinics.net/lists/stable/msg536418.html Upstream commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=57bc3d3ae8c14df3ceb4e17d26ddf9eeab304581
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2076784]
This was fixed for Fedora with the 5.16.10 stable kernel updates.
I'm going to ask IR to make the relevant trackers as my tooling is currently misbehaving.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:0101 https://access.redhat.com/errata/RHSA-2023:0101
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:0114 https://access.redhat.com/errata/RHSA-2023:0114
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:0123 https://access.redhat.com/errata/RHSA-2023:0123
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:0300 https://access.redhat.com/errata/RHSA-2023:0300
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:0334 https://access.redhat.com/errata/RHSA-2023:0334
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:0348 https://access.redhat.com/errata/RHSA-2023:0348
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:0392 https://access.redhat.com/errata/RHSA-2023:0392
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:0395 https://access.redhat.com/errata/RHSA-2023:0395
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Via RHSA-2023:0396 https://access.redhat.com/errata/RHSA-2023:0396
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:0399 https://access.redhat.com/errata/RHSA-2023:0399
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:0400 https://access.redhat.com/errata/RHSA-2023:0400
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:0404 https://access.redhat.com/errata/RHSA-2023:0404
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2023:0499 https://access.redhat.com/errata/RHSA-2023:0499
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2023:0496 https://access.redhat.com/errata/RHSA-2023:0496
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:0526 https://access.redhat.com/errata/RHSA-2023:0526
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:0512 https://access.redhat.com/errata/RHSA-2023:0512
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:0536 https://access.redhat.com/errata/RHSA-2023:0536
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2023:0531 https://access.redhat.com/errata/RHSA-2023:0531
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:0856 https://access.redhat.com/errata/RHSA-2023:0856
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:0858 https://access.redhat.com/errata/RHSA-2023:0858
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:1130 https://access.redhat.com/errata/RHSA-2023:1130
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:1192 https://access.redhat.com/errata/RHSA-2023:1192
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-2964