[CLSA-2024:1728936982] kernel: Fix of 86 CVEs
Type:
security
Severity:
Important
Release date:
2024-10-14 20:16:26 UTC
Description:
- drm/amd/pm: Fix negative array index read {CVE-2024-46821} - drm/amd/display: Check gpio_id before used as array index {CVE-2024-46818} - drm/amd/display: Check link_index before accessing dc->links[] {CVE-2024-46813} - drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box {CVE-2024-46811} - Squashfs: sanity check symbolic link size {CVE-2024-46744} - platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses {CVE-2024-46859} - net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() {CVE-2024-40995} - net/sched: act_api: rely on rcu in tcf_idr_check_alloc {CVE-2024-40995} - netfilter: bridge: confirm multicast packets before passing them up the stack {CVE-2024-27415} - netfilter: let reset rules clean out conntrack entries {CVE-2024-27415} - mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray {CVE-2024-42243} - gpiolib: cdev: Fix use after free in lineinfo_changed_notify {CVE-2024-36899} - bpf, sockmap: Prevent lock inversion deadlock in map delete elem {CVE-2024-35895} - bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t {CVE-2024-35895} - mm/huge_memory: don't unpoison huge_zero_folio {CVE-2024-40914} - cxgb4: fix use after free bugs caused by circular dependency problem {CVE-2023-4133} - timers: Restore ABI Compatibility with timer_delete Functions {CVE-2023-4133} - timers: Provide timer_shutdown[_sync]() {CVE-2023-4133} - timers: Add shutdown mechanism to the internal functions {CVE-2023-4133} - timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode {CVE-2023-4133} - timers: Silently ignore timers with a NULL function {CVE-2023-4133} - timers: Rename del_timer() to timer_delete() {CVE-2023-4133} - timers: Rename del_timer_sync() to timer_delete_sync() {CVE-2023-4133} - timers: Use del_timer_sync() even on UP {CVE-2023-4133} - timers: Update kernel-doc for various functions {CVE-2023-4133} - timers: Replace BUG_ON()s {CVE-2023-4133} - timers: Get rid of del_singleshot_timer_sync() {CVE-2023-4133} - clocksource/drivers/sp804: Do not use timer namespace for timer_shutdown() function {CVE-2023-4133} - clocksource/drivers/arm_arch_timer: Do not use timer namespace for timer_shutdown() function {CVE-2023-4133} - mm: avoid overflows in dirty throttling logic {CVE-2024-42131} - ring-buffer: Fix a race between readers and resize checks {CVE-2024-38601} - igc: avoid returning frame twice in XDP_REDIRECT {CVE-2024-26853} - igc: Avoid transmit queue timeout for XDP {CVE-2024-26853} - nfsd: fix RELEASE_LOCKOWNER {CVE-2024-26629} - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc {CVE-2023-52880} - nvmet: fix a possible leak when destroy a ctrl during qp establishment {CVE-2024-42152} - net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() {CVE-2024-42110} - x86: stop playing stack games in profile_pc() {CVE-2024-42096} - xdp: Remove WARN() from __xdp_reg_mem_model() {CVE-2024-42082} - NFSv4: Fix memory leak in nfs4_set_security_label {CVE-2024-41076} - ppp: reject claimed-as-LCP but actually malformed packets {CVE-2024-41044} - udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). {CVE-2024-41041} - sched/deadline: Fix task_struct reference leak {CVE-2024-41023} - tipc: force a dst refcount before doing decryption {CVE-2024-40983} - scsi: qedi: Fix crash while reading debugfs attribute {CVE-2024-40978} - wifi: iwlwifi: mvm: don't read past the mfuart notifcation {CVE-2024-40941} - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids {CVE-2024-40929} - xhci: Handle TD clearing for multiple streams case {CVE-2024-40927} - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() {CVE-2024-40912} - wifi: cfg80211: Lock wiphy in cfg80211_get_station {CVE-2024-40911} - ipv6: fix possible race in __fib6_drop_pcpu_from() {CVE-2024-40905} - md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING {CVE-2024-39476} - usb-storage: alauda: Check whether the media is initialized {CVE-2024-38619} - usb-storage: alauda: Fix uninit-value in alauda_check_media() {CVE-2024-38619} - crypto: bcm - Fix pointer arithmetic {CVE-2024-38579} - scsi: qedf: Ensure the copied buf is NUL terminated {CVE-2024-38559} - wifi: nl80211: don't free NULL coalescing rule {CVE-2024-36941} - scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() {CVE-2024-36025} - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() {CVE-2024-35898} - mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work {CVE-2024-35852} - wifi: iwlwifi: dbg-tlv: ensure NUL termination {CVE-2024-35845} - KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() {CVE-2024-35791} - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes {CVE-2024-35789} - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work {CVE-2024-27052} - nfp: flower: handle acti_netdevs allocation failure {CVE-2024-27046} - octeontx2-af: Use separate handlers for interrupts {CVE-2024-27030} - netfilter: flowtable: validate pppoe header {CVE-2024-27016} - kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address {CVE-2024-26946} - scsi: qla2xxx: Fix command flush on cable pull {CVE-2024-26931} - net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() {CVE-2024-26855} - bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel {CVE-2024-26737} - Input: cyapa - add missing input core locking to suspend/resume functions {CVE-2023-52884} - bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself {CVE-2023-52735} - wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() {CVE-2023-52651} - net: tap_open(): set sk_uid from current_fsuid() {CVE-2023-4194} - net: tun_chr_open(): set sk_uid from current_fsuid() {CVE-2023-4194} - seg6: fix the iif in the IPv6 socket control block {CVE-2021-47515} - tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383} - bnx2x: Fix multiple UBSAN array-index-out-of-bounds {CVE-2024-42148} - hwmon: (adc128d818) Fix underflows seen when writing limit attributes {CVE-2024-46759} - net: bridge: mst: fix vlan use-after-free {CVE-2024-36979} - stm class: Fix a double free in stm_register_device() {CVE-2024-38627} - wifi: mac80211: Avoid address calculations via out of bounds array indexing {CVE-2024-41071} - of/irq: Prevent device address out-of-bounds read in interrupt map walk {CVE-2024-46743} - HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup {CVE-2024-46747} - drm/amdgpu: fix mc_data out-of-bounds read warning {CVE-2024-46722} - drm/amdgpu: Fix out-of-bounds write warning {CVE-2024-46725} - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number {CVE-2024-46724} - wifi: nl80211: Avoid address calculations via out of bounds array indexing {CVE-2024-38562} - wifi: nl80211: convert cfg80211_scan_request allocation to *_size macros {CVE-2024-38562} - overflow: Implement size_t saturating arithmetic helpers {CVE-2024-38562} - cdrom: rearrange last_media_change check to avoid unintentional overflow {CVE-2024-42136} - ftrace: Fix possible use-after-free issue in ftrace_location() {CVE-2024-38588} - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() {CVE-2024-38588} - drm/amdgpu: fix ucode out-of-bounds read warning {CVE-2024-46723} - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() {CVE-2024-46738} - sch/netem: fix use after free in netem_dequeue {CVE-2024-46800} - firmware: cs_dsp: Fix overflow checking of wmfw header {CVE-2024-41039} - hwmon: (lm95234) Fix underflows seen when writing limit attributes {CVE-2024-46758} - HID: amd_sfh: free driver_data after destroying hid device {CVE-2024-46746} - xfs: don't walk off the end of a directory data block {CVE-2024-41013} - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes {CVE-2024-46756} - tunnels: fix out of bounds access when building IPv6 PMTU error {CVE-2024-26665} - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes {CVE-2024-46757} - drm/amd/pm: fix the Out-of-bounds read warning {CVE-2024-46731} - drm/amdgpu/mes: fix mes ring buffer overflow {CVE-2024-46700} - exec: Fix ToCToU between perm check and set-uid/gid usage {CVE-2024-43882} - PCI/MSI: Fix UAF in msi_capability_init {CVE-2024-41096}
Updated packages:
  • bpftool-7.0.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:d8918b3611f0f38f723f70537364173ccfbe2b9ce3ebb15ad9b2d6bdadc644d3
  • kernel-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:230d90183567a09b389df141263480f31d10aa6b798c9a028a43706f3abb833b
  • kernel-abi-stablelists-5.14.0-284.30.1.el9_2.tuxcare.els8.noarch.rpm
    sha:8a00784d36ddefff4e7daf1b64b51822b75ea593089cf700e966ec23910537b6
  • kernel-core-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:c444a0b9666c223cdd99c227b4a9ce43153c32ad91175ba797bb1d005ffd0641
  • kernel-cross-headers-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:b64644322382ca9d0f4ea1e2e782a9438ed4e9a5c5511a703c64871cf84e2b4e
  • kernel-debug-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:8de3cbb685e209a1f44303c20ee05c80e0bd96267acb7abd8749ced312d549ee
  • kernel-debug-core-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:78eae7987443ccd096447f6d43a5adf46c892fd1b944234a9c7453bd6d090ca1
  • kernel-debug-devel-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:52236944f857bf7eda16ac52f7f37fba628f9239e9d0b7055551b69ae2fe6753
  • kernel-debug-devel-matched-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:f04f4d54fdd375d978a72b1170973654d4cf2b12a6907a5c3bb90ccc513a7288
  • kernel-debug-modules-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:f1505e4d52286130f0bd1322eab09e32ce89098971f7a0f500a03f34594178bd
  • kernel-debug-modules-core-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:07a9567e0aeefc582dafe663c0b89229b588681ae31d5346a00858d05c2ba81a
  • kernel-debug-modules-extra-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:c14c973d64acb51deac8f9d8ca785d6c31bb748209da988bd9bb6c4f0c889c66
  • kernel-debug-modules-internal-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:2eca9a1b1761e93b6b570daba56b0a99f4898a68856e9fc49d28cefe28eb9a0b
  • kernel-debug-modules-partner-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:eada11fdccdf03b561d2831f235b3ff74bffe4120f71db6c9570357aae3aacdd
  • kernel-debug-uki-virt-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:0f94a8657a4551f2976cac0e74afecb58eb6419917ff60940ee92f0be27fce8d
  • kernel-devel-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:2e9386b7f62bb4cb6d322aeb644fe1c5cc485f3cf7d2cf5d483dd32139003e2b
  • kernel-devel-matched-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:362495d3d94e7fbf21b0d7d260514ff1941e9c26f8d3c597adc56687920d9974
  • kernel-doc-5.14.0-284.30.1.el9_2.tuxcare.els8.noarch.rpm
    sha:356aae47c759b8a9cde15ffecb4b95735677b8714ff3fe47d690b2b45fbf9e17
  • kernel-headers-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:ee49d392f04c058edb4381d1402e91df5addb5b73771670fa1df96a5a96093ab
  • kernel-ipaclones-internal-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:fe6243b3dff88aa302ea0665c43d881e004a0a211772044b9e4be2f8cff6b7a7
  • kernel-modules-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:462458133b434e814a7ce10e880675abe467ac850d5d8e04f407ce61472e6bc8
  • kernel-modules-core-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:84f9ec9a53872ad6f207ff22ed98f25a851478ff296cd0a58c6b9831971a8e6c
  • kernel-modules-extra-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:8759135303dd77d2368e9b63e850429626731c3435c308331c01364565011199
  • kernel-modules-internal-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:54c260489e754cc7f566597679e29d003fa5c0bb796b82f30b9c6d65ebf0a8a5
  • kernel-modules-partner-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:a685d7dfb86ba730acfc99dffe345bb17d993e2384352d9184fc7b2fbf4d990e
  • kernel-selftests-internal-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:3e5391ce35aa80d1336165e6c1f9974830e741c08256fbe72b2ae6c6a5424e6a
  • kernel-tools-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:f6f6b66fa812f8b89035afb41d2bf50336c5fa4a0bfeebb6156ed70e160ac024
  • kernel-tools-libs-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:4a363e81bcd5e93d982800bd371b1d059efca7af0ca1308501135e469dde09bd
  • kernel-tools-libs-devel-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:57fd4c332e204af3bb2dd10ce45ff8b8202325ec362f73ce1b37224df1bbe9bf
  • kernel-uki-virt-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:f58964a7927f1b984d0fde2eee6978d1da1e77d11716c389c39d3827463ec491
  • perf-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:6e2bf492b006e1c2a64ba1b981dbbd903e3ac7bb128970c7f55362e90fe63345
  • python3-perf-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:83da09482a1bccc340bfcd584ddac418ed962785b310344f0e34749bddd16673
  • rtla-5.14.0-284.30.1.el9_2.tuxcare.els8.x86_64.rpm
    sha:dec24e80444d2bb1decc5ad389d4fad5f986d3d74d998f313dcc86b6b1fdbe4c
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.