[CLSA-2024:1729541873] kernel: Fix of 86 CVEs
Type:
security
Severity:
Important
Release date:
2024-10-21 20:17:56 UTC
Description:
- drm/amd/pm: Fix negative array index read {CVE-2024-46821} - drm/amd/display: Check gpio_id before used as array index {CVE-2024-46818} - drm/amd/display: Check link_index before accessing dc->links[] {CVE-2024-46813} - drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box {CVE-2024-46811} - Squashfs: sanity check symbolic link size {CVE-2024-46744} - platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses {CVE-2024-46859} - net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() {CVE-2024-40995} - net/sched: act_api: rely on rcu in tcf_idr_check_alloc {CVE-2024-40995} - netfilter: bridge: confirm multicast packets before passing them up the stack {CVE-2024-27415} - netfilter: let reset rules clean out conntrack entries {CVE-2024-27415} - mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray {CVE-2024-42243} - gpiolib: cdev: Fix use after free in lineinfo_changed_notify {CVE-2024-36899} - bpf, sockmap: Prevent lock inversion deadlock in map delete elem {CVE-2024-35895} - bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t {CVE-2024-35895} - mm/huge_memory: don't unpoison huge_zero_folio {CVE-2024-40914} - cxgb4: fix use after free bugs caused by circular dependency problem {CVE-2023-4133} - timers: Restore ABI Compatibility with timer_delete Functions {CVE-2023-4133} - timers: Provide timer_shutdown[_sync]() {CVE-2023-4133} - timers: Add shutdown mechanism to the internal functions {CVE-2023-4133} - timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode {CVE-2023-4133} - timers: Silently ignore timers with a NULL function {CVE-2023-4133} - timers: Rename del_timer() to timer_delete() {CVE-2023-4133} - timers: Rename del_timer_sync() to timer_delete_sync() {CVE-2023-4133} - timers: Use del_timer_sync() even on UP {CVE-2023-4133} - timers: Update kernel-doc for various functions {CVE-2023-4133} - timers: Replace BUG_ON()s {CVE-2023-4133} - timers: Get rid of del_singleshot_timer_sync() {CVE-2023-4133} - clocksource/drivers/sp804: Do not use timer namespace for timer_shutdown() function {CVE-2023-4133} - clocksource/drivers/arm_arch_timer: Do not use timer namespace for timer_shutdown() function {CVE-2023-4133} - mm: avoid overflows in dirty throttling logic {CVE-2024-42131} - ring-buffer: Fix a race between readers and resize checks {CVE-2024-38601} - igc: avoid returning frame twice in XDP_REDIRECT {CVE-2024-26853} - igc: Avoid transmit queue timeout for XDP {CVE-2024-26853} - nfsd: fix RELEASE_LOCKOWNER {CVE-2024-26629} - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc {CVE-2023-52880} - nvmet: fix a possible leak when destroy a ctrl during qp establishment {CVE-2024-42152} - net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() {CVE-2024-42110} - x86: stop playing stack games in profile_pc() {CVE-2024-42096} - xdp: Remove WARN() from __xdp_reg_mem_model() {CVE-2024-42082} - NFSv4: Fix memory leak in nfs4_set_security_label {CVE-2024-41076} - ppp: reject claimed-as-LCP but actually malformed packets {CVE-2024-41044} - udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). {CVE-2024-41041} - sched/deadline: Fix task_struct reference leak {CVE-2024-41023} - tipc: force a dst refcount before doing decryption {CVE-2024-40983} - scsi: qedi: Fix crash while reading debugfs attribute {CVE-2024-40978} - wifi: iwlwifi: mvm: don't read past the mfuart notifcation {CVE-2024-40941} - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids {CVE-2024-40929} - xhci: Handle TD clearing for multiple streams case {CVE-2024-40927} - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() {CVE-2024-40912} - wifi: cfg80211: Lock wiphy in cfg80211_get_station {CVE-2024-40911} - ipv6: fix possible race in __fib6_drop_pcpu_from() {CVE-2024-40905} - md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING {CVE-2024-39476} - usb-storage: alauda: Check whether the media is initialized {CVE-2024-38619} - usb-storage: alauda: Fix uninit-value in alauda_check_media() {CVE-2024-38619} - crypto: bcm - Fix pointer arithmetic {CVE-2024-38579} - scsi: qedf: Ensure the copied buf is NUL terminated {CVE-2024-38559} - wifi: nl80211: don't free NULL coalescing rule {CVE-2024-36941} - scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() {CVE-2024-36025} - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() {CVE-2024-35898} - mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work {CVE-2024-35852} - wifi: iwlwifi: dbg-tlv: ensure NUL termination {CVE-2024-35845} - KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() {CVE-2024-35791} - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes {CVE-2024-35789} - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work {CVE-2024-27052} - nfp: flower: handle acti_netdevs allocation failure {CVE-2024-27046} - octeontx2-af: Use separate handlers for interrupts {CVE-2024-27030} - netfilter: flowtable: validate pppoe header {CVE-2024-27016} - kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address {CVE-2024-26946} - scsi: qla2xxx: Fix command flush on cable pull {CVE-2024-26931} - net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() {CVE-2024-26855} - bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel {CVE-2024-26737} - Input: cyapa - add missing input core locking to suspend/resume functions {CVE-2023-52884} - bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself {CVE-2023-52735} - wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() {CVE-2023-52651} - net: tap_open(): set sk_uid from current_fsuid() {CVE-2023-4194} - net: tun_chr_open(): set sk_uid from current_fsuid() {CVE-2023-4194} - seg6: fix the iif in the IPv6 socket control block {CVE-2021-47515} - tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383} - bnx2x: Fix multiple UBSAN array-index-out-of-bounds {CVE-2024-42148} - hwmon: (adc128d818) Fix underflows seen when writing limit attributes {CVE-2024-46759} - net: bridge: mst: fix vlan use-after-free {CVE-2024-36979} - stm class: Fix a double free in stm_register_device() {CVE-2024-38627} - wifi: mac80211: Avoid address calculations via out of bounds array indexing {CVE-2024-41071} - of/irq: Prevent device address out-of-bounds read in interrupt map walk {CVE-2024-46743} - HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup {CVE-2024-46747} - drm/amdgpu: fix mc_data out-of-bounds read warning {CVE-2024-46722} - drm/amdgpu: Fix out-of-bounds write warning {CVE-2024-46725} - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number {CVE-2024-46724} - wifi: nl80211: Avoid address calculations via out of bounds array indexing {CVE-2024-38562} - wifi: nl80211: convert cfg80211_scan_request allocation to *_size macros {CVE-2024-38562} - overflow: Implement size_t saturating arithmetic helpers {CVE-2024-38562} - cdrom: rearrange last_media_change check to avoid unintentional overflow {CVE-2024-42136} - ftrace: Fix possible use-after-free issue in ftrace_location() {CVE-2024-38588} - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() {CVE-2024-38588} - drm/amdgpu: fix ucode out-of-bounds read warning {CVE-2024-46723} - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() {CVE-2024-46738} - sch/netem: fix use after free in netem_dequeue {CVE-2024-46800} - firmware: cs_dsp: Fix overflow checking of wmfw header {CVE-2024-41039} - hwmon: (lm95234) Fix underflows seen when writing limit attributes {CVE-2024-46758} - HID: amd_sfh: free driver_data after destroying hid device {CVE-2024-46746} - xfs: don't walk off the end of a directory data block {CVE-2024-41013} - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes {CVE-2024-46756} - tunnels: fix out of bounds access when building IPv6 PMTU error {CVE-2024-26665} - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes {CVE-2024-46757} - drm/amd/pm: fix the Out-of-bounds read warning {CVE-2024-46731} - drm/amdgpu/mes: fix mes ring buffer overflow {CVE-2024-46700} - exec: Fix ToCToU between perm check and set-uid/gid usage {CVE-2024-43882} - PCI/MSI: Fix UAF in msi_capability_init {CVE-2024-41096}
Updated packages:
  • bpftool-7.0.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:852de64277030413a323afa87dff5a3bd95e73f3e1214a3d093f093d303856b6
  • kernel-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:5479dfd88358bba510470657b0056894c944273a761cf7c4317f323207c0a5b7
  • kernel-abi-stablelists-5.14.0-284.11.1.el9_2.tuxcare.6.els8.noarch.rpm
    sha:99eeaa4b7dd9936a81e59f46f733e59f16ed2ef5ef759d710982efb469af3e93
  • kernel-core-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:2bf6d0d03931b27a12d1a28b3156153a1b3a2a0aed0115e22e67b2c26d88af0b
  • kernel-cross-headers-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:fa26c02816feccaec49978e40c6c3e018be71fe4a80873f425f592cd18752baa
  • kernel-debug-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:d865e1e7257a528cbf80e00b837ebf8957c607c53c69c25b6475996bf6f3c651
  • kernel-debug-core-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:680786b05287edbdb8b36616fc3a6226e7c54402a23cf5fea1de81ad22d35e2e
  • kernel-debug-devel-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:5f19ef7eb34e47017d2e98aff5964a00c24b73c36752d3f8613bf9ebbc5e278c
  • kernel-debug-devel-matched-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:0030824abce4340da24348d8a67b4a65c16c2eaa89405f6fa5e3c689886f4bc8
  • kernel-debug-modules-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:08ffcc5e4c8293cbfec9db0c5a724a1629848d329828f0b9b1950a905ec529c3
  • kernel-debug-modules-core-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:3fa9267b4349335a0d28992e2d9e71f67085e4c46e2f19bfe8bb211472b2579b
  • kernel-debug-modules-extra-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:b113bda65d3cc0974b5487af078425cb2864528546a51acce7c5f714300d432f
  • kernel-debug-modules-internal-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:8d3edc41e6127e093880f2c256a76549de75ca9627731e6e86976e508385cdfd
  • kernel-debug-modules-partner-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:4f49496a2fd40d1717e9e49c5643fafd61710360518dfbc913a64bc5ce59cfb5
  • kernel-debug-uki-virt-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:11d6871995305d66dee311f06045e8ac6e3722ebfd728fe6dd17da6c412c17ad
  • kernel-devel-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:7cc0cf8c8825c052df74e50f7ff8ab0dae4c1d0bcf72d0e3ac684e372fc7b0ff
  • kernel-devel-matched-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:bfbd8ebc1d42b6c30a2c4c37a22d2952e61a90454d5895d5fd0d4f9d4f485ef8
  • kernel-doc-5.14.0-284.11.1.el9_2.tuxcare.6.els8.noarch.rpm
    sha:006697d3d47fd538c61ab9cf977b1659ab0ac65f5b9fda984373cf2f44dad39a
  • kernel-headers-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:1803f2a4d1ceed4b7d7d681d7dd3092a6be89389861714b562026354dd12aed6
  • kernel-ipaclones-internal-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:c7daee52f83cf4ec92b569228eecca69b511d3d731beffac71535748535e2fde
  • kernel-modules-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:d357f61c6870c1ee44888c0298212c9683386abb0368a93f1b54132dde73bf58
  • kernel-modules-core-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:79897479e0a45e7aa7a0c2143b5c1c493eb18a0f1c9f53da29177ef1a8835f9f
  • kernel-modules-extra-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:8ebe96e5e63e37ea345a74bb868acf8a910a635200e700c09599a0ef7ce66248
  • kernel-modules-internal-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:b2615ec5c1d1265543afe27b5427bba459663ac4806611a8ead10433a0f50e9d
  • kernel-modules-partner-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:21b52ce1aa44a5c3456b9d9ae68eb2848c00da4eed8f2aa6b5e36426760f0450
  • kernel-selftests-internal-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:85e76024281b98bd711f83dff233cfa4cc663d14280ac427ea811c2372e1c8df
  • kernel-tools-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:9c06ea136adfe2498a0eee753e7d77c08a5976e42c3e3fe69918fec9f8f64e54
  • kernel-tools-libs-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:b7cbd1279d3d79abcbbbec38dd9355f71bb4f9fa1757b36aa931553da5861ff6
  • kernel-tools-libs-devel-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:41e9d975a99bb038d4928a61c23ef17a2029d08887832c2bf0c58b5cf04b811a
  • kernel-uki-virt-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:e755cc4814d4ac64a8787a9adbe7f0b3580ce08fed271cd66b7bb5cdfcfa9aad
  • perf-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:eb881a9fe6721ed2759b5324d75ec94f214a10fbce6a94b43f0d050d74596079
  • python3-perf-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:8b1dea3b9efac469948d53c2d38e1e7dc7859ca8e929854e1e59e6593cc47462
  • rtla-5.14.0-284.11.1.el9_2.tuxcare.6.els8.x86_64.rpm
    sha:9b978aee17162be524cb7c50d81946d6ae343ab8e3d37777e9463c9693b5995b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.