A stack overflow flaw was found in the Linux kernel. If a user has access to SYSCTL (dynamically changing certain kernel parameters and variables), they can provide incorrect input to the function do_proc_dointvec, leading to a system crash or potentially privilege escalation. A known example is such incorrect input by a local user to /proc/sys/net/ipv4/tcp_rmem, but there could be other situations where this function is used.
References:
https://seclists.org/oss-sec/2022/q4/178
https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-6.0/proc-proc_skip_spaces-shouldn-t-think-it-is-working-on-c-strings.patch
https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-6.0/proc-avoid-integer-type-confusion-in-get_proc_long.patch
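The two referenced patch titles name the bug classes involved: a whitespace skipper that assumes a NUL-terminated C string, and length arithmetic that narrows a size_t into an int. The following is an added illustration, not the kernel's code, of how a sysctl-style integer parser should handle a length-delimited user buffer; TMPBUFLEN, the function names and the sample bytes are all assumptions made for this example.

```c
/* Added illustration, not the kernel's code; all names here are made up. */
#include <ctype.h>
#include <errno.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define TMPBUFLEN 22   /* assumed scratch size for one decimal number */

/* Skip leading whitespace, but never beyond *size bytes; shrinks *size. */
static size_t skip_spaces_bounded(const char **buf, size_t *size)
{
    size_t n = 0;
    while (n < *size && isspace((unsigned char)(*buf)[n]))
        n++;
    *buf += n;
    *size -= n;
    return n;
}

/* Clamp the copy length in size_t; narrowing to int first would go negative. */
static size_t clamp_len(size_t size)
{
    return size > TMPBUFLEN - 1 ? TMPBUFLEN - 1 : size;
}

/* Parse one signed decimal from buf[0..size). Returns bytes consumed or -EINVAL. */
static long parse_bounded_long(const char *buf, size_t size, long *val)
{
    char tmp[TMPBUFLEN], *end;
    const char *p = buf;
    size_t left = size, skipped = skip_spaces_bounded(&p, &left);
    if (left == 0)                  /* only whitespace inside the window */
        return -EINVAL;
    size_t len = clamp_len(left);
    memcpy(tmp, p, len);            /* copy what fits, then terminate it ourselves */
    tmp[len] = '\0';
    errno = 0;
    *val = strtol(tmp, &end, 10);
    if (end == tmp || errno == ERANGE)
        return -EINVAL;
    return (long)(skipped + (size_t)(end - tmp));
}

/* Constructed sample: 8 bytes with NO terminating NUL. "42" sits past byte 4,
 * so a 4-byte window must report "no number" rather than read on into it. */
static const char sample_raw[8] = {' ', ' ', ' ', ' ', '4', '2', ' ', ' '};
static long demo_consumed(size_t window) { long v = 0; return parse_bounded_long(sample_raw, window, &v); }
static long demo_value(size_t window)    { long v = 0; parse_bounded_long(sample_raw, window, &v); return v; }
```

A C-string skipper would walk past the 4-byte window into the "42" (and, with no NUL anywhere, beyond the buffer), which is exactly what the bounded version refuses to do.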
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2152607]
This was fixed for Fedora with the 6.0.12 stable kernel updates.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:0856 https://access.redhat.com/errata/RHSA-2023:0856
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:0858 https://access.redhat.com/errata/RHSA-2023:0858
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.7 Advanced Update Support Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions Red Hat Enterprise Linux 7.7 Telco Extended Update Support Via RHSA-2023:0944 https://access.redhat.com/errata/RHSA-2023:0944
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions Via RHSA-2023:0945 https://access.redhat.com/errata/RHSA-2023:0945
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:0951 https://access.redhat.com/errata/RHSA-2023:0951
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:0979 https://access.redhat.com/errata/RHSA-2023:0979
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:1008 https://access.redhat.com/errata/RHSA-2023:1008
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Via RHSA-2023:1103 https://access.redhat.com/errata/RHSA-2023:1103
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:1101 https://access.redhat.com/errata/RHSA-2023:1101
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:1091 https://access.redhat.com/errata/RHSA-2023:1091
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:1092 https://access.redhat.com/errata/RHSA-2023:1092
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:1110 https://access.redhat.com/errata/RHSA-2023:1110
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:1109 https://access.redhat.com/errata/RHSA-2023:1109
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:1202 https://access.redhat.com/errata/RHSA-2023:1202
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:1203 https://access.redhat.com/errata/RHSA-2023:1203
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2023:1220 https://access.redhat.com/errata/RHSA-2023:1220
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2023:1221 https://access.redhat.com/errata/RHSA-2023:1221
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2023:1251 https://access.redhat.com/errata/RHSA-2023:1251
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:1435 https://access.redhat.com/errata/RHSA-2023:1435
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:1584 https://access.redhat.com/errata/RHSA-2023:1584
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:1566 https://access.redhat.com/errata/RHSA-2023:1566
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:1659 https://access.redhat.com/errata/RHSA-2023:1659
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.6 Advanced Update Support Via RHSA-2023:1705 https://access.redhat.com/errata/RHSA-2023:1705
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Advanced Update Support Via RHSA-2023:1706 https://access.redhat.com/errata/RHSA-2023:1706
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Extended Lifecycle Support Via RHSA-2023:1822 https://access.redhat.com/errata/RHSA-2023:1822
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:3388 https://access.redhat.com/errata/RHSA-2023:3388
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:3431 https://access.redhat.com/errata/RHSA-2023:3431
This issue has been addressed in the following products: Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Via RHSA-2023:3491 https://access.redhat.com/errata/RHSA-2023:3491
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-4378