A flaw was found in udmabuf. udmabuf is a linux device driver for user space mappable DMA buffer. Quoting ZDI security advisory [1]: "This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel." [1] https://www.zerodayinitiative.com/advisories/ZDI-23-441/
Upstream commit: https://github.com/torvalds/linux/commit/05b252cccb2e5c3f56119d25de684b4f810ba4
This issue was fixed upstream in version 5.19. The kernel packages as shipped in Red Hat Enterprise Linux 9 were previously updated to a version that contains the fix via the following errata: kernel in Red Hat Enterprise Linux 9 https://access.redhat.com/errata/RHSA-2022:8267 kernel-rt in Red Hat Enterprise Linux 9 https://access.redhat.com/errata/RHSA-2022:7933
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:3470 https://access.redhat.com/errata/RHSA-2023:3470
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:3465 https://access.redhat.com/errata/RHSA-2023:3465
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:3490 https://access.redhat.com/errata/RHSA-2023:3490
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-2008