A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. In this flaw, a malicious user can cause a UAF and a double free, which may lead to RCE (may also lead to an LPE in case the attacker already has local privileges). Reference: https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2023:7379 https://access.redhat.com/errata/RHSA-2023:7379
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2023:7370 https://access.redhat.com/errata/RHSA-2023:7370
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2023:7418 https://access.redhat.com/errata/RHSA-2023:7418
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7548 https://access.redhat.com/errata/RHSA-2023:7548
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7549 https://access.redhat.com/errata/RHSA-2023:7549
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:7551 https://access.redhat.com/errata/RHSA-2023:7551
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7554 https://access.redhat.com/errata/RHSA-2023:7554
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:7557 https://access.redhat.com/errata/RHSA-2023:7557
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Via RHSA-2023:7559 https://access.redhat.com/errata/RHSA-2023:7559
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:0340 https://access.redhat.com/errata/RHSA-2024:0340
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:0378 https://access.redhat.com/errata/RHSA-2024:0378
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2024:0386 https://access.redhat.com/errata/RHSA-2024:0386
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2024:0431 https://access.redhat.com/errata/RHSA-2024:0431
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2024:0432 https://access.redhat.com/errata/RHSA-2024:0432
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:0461 https://access.redhat.com/errata/RHSA-2024:0461
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:0412 https://access.redhat.com/errata/RHSA-2024:0412
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:0554 https://access.redhat.com/errata/RHSA-2024:0554
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:0575 https://access.redhat.com/errata/RHSA-2024:0575
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Telecommunications Update Service Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Via RHSA-2024:1268 https://access.redhat.com/errata/RHSA-2024:1268
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2024:1269 https://access.redhat.com/errata/RHSA-2024:1269
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Via RHSA-2024:1278 https://access.redhat.com/errata/RHSA-2024:1278