CLSA-2024:1731933167

[CLSA-2024:1731933167] kernel: Fix of 36 CVEs

Type:

security

Severity:

Critical

Release date:

2024-11-18 18:33:38 UTC

Description:

- smb: client: fix use-after-free in smb2_query_info_compound() {CVE-2023-52751}
- smb: client: prevent new fids from being removed by laundromat {CVE-2023-52751}
- cifs: fix dentry lookups in directory handle cache {CVE-2023-52751}
- uprobe: avoid out-of-bounds memory access of fetching args {CVE-2024-50067}
- net: do not delay dst_entries_add() in dst_release() {CVE-2024-50036}
- smb: client: fix UAF in async decryption {CVE-2024-50047}
- smb3: rename encryption/decryption TFMs
- mm: call the security_mmap_file() LSM hook in remap_file_pages() {CVE-2024-47745}
- ext4: avoid OOB when system.data xattr changes underneath the filesystem {CVE-2024-47701}
- tty: n_gsm: Fix use-after-free in gsm_cleanup_mux {CVE-2024-50073}
- driver core: bus: Fix double free in driver API bus_register() {CVE-2024-50055}
- drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer {CVE-2024-49991}
- drm/amd/display: fix double free issue during amdgpu module unload {CVE-2024-49989}
- ext4: fix timer use-after-free on failed mount {CVE-2024-49960}
- Bluetooth: L2CAP: Fix uaf in l2cap_connect {CVE-2024-49950}
- Bluetooth: l2cap: Don't double set the HCI_CONN_MGMT_CONNECTED bit {CVE-2024-49950}
- mptcp: pm: Fix uaf in __timer_delete_sync {CVE-2024-46858}
- of: fdt: fix off-by-one error in unflatten_dt_nodes() {CVE-2022-48672}
- filelock: fix potential use-after-free in posix_lock_inode {CVE-2024-41049}
- locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock {CVE-2024-41049}
- drm/i915/gt: Fix potential UAF by revoke of fence registers {CVE-2024-41092}
- ext4: no need to continue when the number of entries is 1 {CVE-2024-49967}
- drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation {CVE-2024-49895}
- slip: make slhc_remember() more robust against malicious packets {CVE-2024-50033}
- drm/amd/display: Fix index out of bounds in DCN30 color transformation {CVE-2024-49969}
- drm/amd/display: Fix index out of bounds in degamma hardware format translation {CVE-2024-49894}
- ext4: aovid use-after-free in ext4_ext_insert_extent() {CVE-2024-49883}
- ACPI: sysfs: validate return type of _STR method {CVE-2024-49860}
- ext4: fix double brelse() the buffer of the extents path {CVE-2024-49882}
- tipc: guard against string buffer overrun {CVE-2024-49995}
- drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error {CVE-2024-47698}
- firmware_loader: Block path traversal {CVE-2024-47742}
- ppp: fix ppp_async_encode() illegal access {CVE-2024-50035}
- netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() {CVE-2024-47685}
- ext4: fix slab-use-after-free in ext4_split_extent_at() {CVE-2024-49884}
- drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX {CVE-2024-46871}
- ext4: avoid use-after-free in ext4_ext_show_leaf() {CVE-2024-49889}
- wifi: ath11k: fix array out-of-bound access in SoC stats {CVE-2024-49930}
- net: do not leave a dangling sk pointer, when socket creation fails {CVE-2024-40954}
- net: sched: sch_multiq: fix possible OOB write in multiq_tune() {CVE-2024-36978}
- drm/amdgpu: Validate TA binary size {CVE-2024-44977}

Updated packages:

bpftool-7.0.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:822cd31546a763cd40d5a997696cea75bc9114f68a5c784e89038f4cf7a87da0
kernel-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:5398485ba60e87308623513bf4d2398dfc28b241aaabd5fb62293f28f91f1ad8
kernel-abi-stablelists-5.14.0-284.30.1.el9_2.tuxcare.els9.noarch.rpm
sha:b40feb3e2d169c2589c660a9a8a4d03b85e3c6bbd175168f497274af5bfb111e
kernel-core-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:d8e0a971eff97f96c288af993cac4d97c9371913737fc0b173ecfc564804575f
kernel-cross-headers-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:9e526e1f283a37eab526bcc89a0584663de9d71f043d066a4c87d56b1a1fa00c
kernel-debug-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:f1718202a992a5075522c4289e165b0280ced14d81dbc4e02ad85582b33fdfe3
kernel-debug-core-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:502a40140205c2a52ede512dba7f40a64e622c78f3f8ee5ab5a7d8b4300bc8bb
kernel-debug-devel-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:aae66db4a2ca28fa9d7be4ecf675ce72016ee888079b5be4b60ad8d3506417d1
kernel-debug-devel-matched-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:1ab6dead428842c7dc42d51e12960afd4f561fa4390e4a249dc08cd6b0b5be79
kernel-debug-modules-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:93ecd53fa6576d8c4c1824fc84604aadd59d3a2ad60e4e36b12067e5ad1bc20d
kernel-debug-modules-core-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:ece02db07c6bf6f434fe3091ffe2ab44e60f1de35233443bcfca075d8134cec4
kernel-debug-modules-extra-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:38044d1d8432d52decd802e0f7669408ff6d22adcfd57760c4c39e2d4d1071c3
kernel-debug-modules-internal-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:2bbf06f73d78574e9c13ae05f616c7c335cb87ceadd833b74ed60c83224acc43
kernel-debug-modules-partner-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:8b4afe33873fed76a411a5bb39c5ee19cdc4571c6ee9306e70a0a46c7801af30
kernel-debug-uki-virt-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:acea49242ecb0d7245994083710854c2c001e45ddc6615d0cfbcdcface0b0349
kernel-devel-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:7681df2ef67197d12972ea4e7b23814a36bdd190d300be343865b25f79d88d03
kernel-devel-matched-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:8a45377376f9d3e1e617ca344f8d379a6c3f1442993d5aa766ec7863770195b5
kernel-doc-5.14.0-284.30.1.el9_2.tuxcare.els9.noarch.rpm
sha:a4c8c0e502641c20c083efb043850ff04485887690edc988cd1055cea531adc2
kernel-headers-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:90eecd59899d02ff16cd673d0088fccd84a8f7f420106f519452fa8a6142156e
kernel-ipaclones-internal-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:38bacd1d9b7a19b6b198726f058fb6ecbc22f686a4b0c0e67b8401797104ea8b
kernel-modules-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:c6cbbb7adb9afa266430c09e5b026d4f6decdd535b36f4fb9163dff0811f1fc9
kernel-modules-core-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:e34eac416a76ce19a37ade402cbb4f01803054acccec3264ec8702cf43e93b0c
kernel-modules-extra-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:4f7395ef1660ffc1bb8e98fc2a743279d57990c76ae92afa06e3a2468de72d49
kernel-modules-internal-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:034861cd21dbb7f349b55744a9949910d089cdc924404f43209b047d776cac61
kernel-modules-partner-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:1c31bf1b3cf0596d665bc2cc1a7696782e93c84fd0e950d0f43715a58367d105
kernel-selftests-internal-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:4422e75bc800eb5e318bf8d78844dda580ec2398625b51687a56741d9b5c21ce
kernel-tools-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:76a5297c519fd120aaaac6ff5a9b419df00640f8a7400e9f341fd8cb7385f61b
kernel-tools-libs-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:52c97e67ddb2d3c1546598f4b733b2e210ea2c8512eae15a3ec531501354f350
kernel-tools-libs-devel-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:692ec5b8862dbad6f81df7bca74d415a75432e12655e4b472ba2b95ca19e74c9
kernel-uki-virt-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:5a66b50856df7e0e61f9175d9ee9019f67e6980f1ea3591934f5076797b32162
perf-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:0504d1de738759ee77674f06f8e529fb0dbec0e56dbf5ba9849277b79e3ab15b
python3-perf-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:3283eb192f2af1986d515303ce3b8e86ff64377cdad9a155b33fde61a35750b5
rtla-5.14.0-284.30.1.el9_2.tuxcare.els9.x86_64.rpm
sha:badda1ab9cf503c9a54357c54bd63e6662a9a9308bd1800d2041d5fb0808f078

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.