Hi, CVE-2023-42755 was announced here: https://www.openwall.com/lists/oss-security/2023/09/25/12 It is fixed in 5.15.133 and 6.1.55 (https://www.openwall.com/lists/oss-security/2023/09/26/2) CVE-2023-42756 was announced here: https://www.openwall.com/lists/oss-security/2023/09/27/2 It is fixed by: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7433b6d2afd512d04398c73aa984d1e285be125b Best regards, Nico.
Source RPM: (none) => kernel, kernel-linusAssignee: bugsquad => kernelCC: (none) => nicolas.salguero
Hi, CVE-2023-42754 was announced here: https://www.openwall.com/lists/oss-security/2023/10/02/8 It is fixed by: https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=0113d9c9d1cc Best regards, Nico.
Summary: kernel 5.15 and 6.1 new security issues CVE-2023-4275[56] => kernel 5.15 and 6.1 new security issues CVE-2023-4275[456]
Hi, CVE-2023-5178 (Linux NVMe-oF/TCP Driver - UAF in `nvmet_tcp_free_crypto`) was announced here: https://www.openwall.com/lists/oss-security/2023/10/15/1 Best regards, Nico.
Summary: kernel 5.15 and 6.1 new security issues CVE-2023-4275[456] => kernel 5.15 and 6.1 new security issues CVE-2023-4275[456] and CVE-2023-5178
Now when we seem to get kernel updates moving on mga9... Should we fix a last one on mga8 as a service to our users, or close as wontfix, old, EOL ?
CC: (none) => fri, ghibomgx
Mga8 is EOL, so lets use our steam on mga9.
Resolution: (none) => OLDStatus: NEW => RESOLVED