[CLSA-2024:1725872696] kernel: Fix of 42 CVEs
Type:
security
Severity:
Critical
Release date:
2024-09-09 09:05:00 UTC
Description:
- netfilter: nf_tables: use timestamp to check for set element timeout {CVE-2024-27397} - x86/sev: Harden #VC instruction emulation somewhat {CVE-2024-25742} - bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD {CVE-2024-42161} - selftests/bpf: Fix BPF_CORE_READ_BITFIELD() macro {CVE-2024-42161} - pinctrl: core: delete incorrect free in pinctrl_enable() {CVE-2024-36940} - pinctrl: core: fix possible memory leak in pinctrl_enable() {CVE-2024-36940} - net: fix information leakage in /proc/net/ptype {CVE-2022-48757} - wifi: mt76: replace skb_put with skb_put_zero {CVE-2024-42225} - ata: libata-core: Fix double free on error {CVE-2024-41087} - drm/amdgpu: add error handle to avoid out-of-bounds {CVE-2024-39471} - drm/amd/display: Fix potential index out of bounds in color transformation function {CVE-2024-38552} - net: sched: sch_multiq: fix possible OOB write in multiq_tune() {CVE-2024-36978} - drm/vmwgfx: Fix invalid reads in fence signaled events {CVE-2024-36960} - net/sched: flower: Fix chain template offload {CVE-2024-26669} - ipv6: Remove extra counter pull before gc {CVE-2023-52340} - ipv6: remove max_size check inline with ipv4 {CVE-2023-52340} - net/dst: use a smaller percpu_counter batch for dst entries accounting {CVE-2023-52340} - net: add a route cache full diagnostic message {CVE-2023-52340} - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg {CVE-2023-51779} - tcp_metrics: validate source addr length {CVE-2024-42154} - net: fix out-of-bounds access in ops_init {CVE-2024-36883} - tap: add missing verification for short frame {CVE-2024-41090} - tun: add missing verification for short frame {CVE-2024-41091} - iommu: Fix potential use-after-free during probe {CVE-2022-48796} - nvme: fix a possible use-after-free in controller reset during load {CVE-2022-48790} - nvme-tcp: fix possible use-after-free in transport error_recovery work {CVE-2022-48789} - nvme-rdma: fix possible use-after-free in transport error_recovery work {CVE-2022-48788} - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() {CVE-2024-26773} - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() {CVE-2024-26772} - ext4: fix double-free of blocks due to wrong extents moved_len {CVE-2024-26704} - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove {CVE-2024-26698} - ubi: Check for too small LEB size in VTBL code {CVE-2024-25739} - scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool {CVE-2023-52811} - arp: Prevent overflow in arp_req_get(). {CVE-2024-26733} - SUNRPC: Fix a suspicious RCU usage warning {CVE-2023-52623} - ext4: avoid online resizing failures due to oversized flex bg {CVE-2023-52622} - pstore/ram: Fix crash when setting number of cpus to an odd number {CVE-2023-52619} - wifi: mac80211: fix potential key use-after-free {CVE-2023-52530} - drm: Don't unref the same fb many times by mistake due to deadlock handling {CVE-2023-52486} - net: amd-xgbe: Fix skb data length underflow {CVE-2022-48743} - tracing: Restructure trace_clock_global() to never block {CVE-2021-46939} - tcp: make sure init the accept_queue's spinlocks once {CVE-2024-26614} - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc {CVE-2024-42228} - gfs2: Fix potential glock use-after-free on unmount {CVE-2024-38570} - gfs2: Rename sd_{ glock => kill }_wait {CVE-2024-38570} - gfs2: Use container_of() for gfs2_glock(aspace) {CVE-2024-38570} - gfs2: Wake up when sd_glock_disposal becomes zero {CVE-2024-38570} - gfs2: Remove ill-placed consistency check {CVE-2024-38570} - gfs2: introduce new gfs2_glock_assert_withdraw {CVE-2024-38570} - gfs2: simplify gdlm_put_lock with out_free label {CVE-2024-38570} - gfs2: Expect -EBUSY after canceling dlm locking requests {CVE-2024-38570} - gfs2: Don't call dlm after protocol is unmounted {CVE-2024-38570} - gfs2: Don't skip dlm unlock if glock has an lvb {CVE-2024-38570} - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path {CVE-2024-26925} - netfilter: nft_limit: reject configurations that cause integer overflow {CVE-2024-26668} - sched/psi: Fix use-after-free in ep_remove_wait_queue() {CVE-2023-52707} - wait: add wake_up_pollfree() {CVE-2023-52707}
Updated packages:
  • bpftool-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:7548325aeccb461ab86741bc88dc8d950565ad25f69cc4fbc60cf298f9ce120a
  • kernel-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:6be054b7505b365d46642b020629e2691ba7b1785e1602ebc926ce8c2164ac81
  • kernel-core-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:3be6d332552135d4ab6a7761b17c437eaf0d15f4b4f1b460a53c576dd0678c55
  • kernel-cross-headers-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:c8a783af89b26ca2a9920783609871f18298f947136780d6b752d34cf67b51ab
  • kernel-debug-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:a5797c24dcf91bd16fcb7bc9cb4aa7997744ec580b198d8d42607af53e299b4d
  • kernel-debug-core-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:5515b9aa324eb3b0ee38a183d46beacb2d4235d76445f616e72deb45ce623822
  • kernel-debug-devel-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:ae69274529ee04d4856811ca9435ff57d1c57c3495fc8bb6b321e7d8453f1fb5
  • kernel-debug-modules-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:f4ff7bdbe86965a42edd978f9d426d4b16ae4a3bf84df3929b92d82aa14c60bc
  • kernel-debug-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:73d700638e8f9644df48c00dec819128d8b70c4622c4be4afd3dac57e013fa5a
  • kernel-debug-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:8c8f424a86b4b791a3b2ce92d357a24f721109e5d38e08a0415d4305031e3fce
  • kernel-devel-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:9203150d7eae701c5075c188d295239d8ff0312de83ad46d653710598cb066b3
  • kernel-headers-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:b0facfe5ce7b1d528f27b700f73014d6e13041d6dab99388125394b8f3f9c2b9
  • kernel-ipaclones-internal-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:6ed33b919d5b5baa3455d3208217335bd5e4543dcc1c6c6639bccd67646affed
  • kernel-modules-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:1aeef1257a9aec91fa4b20dc4c1b760dfc5ee7887d5695075eb7dbc8691eb96e
  • kernel-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:3cba59c4f493676b8e3270827c850ce8cb917c8a2be5c302d0192a768ae66e7e
  • kernel-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:45fc70d914cedf765fac193bc9dfd36c879e5533e86451cb53705145ceb08d2d
  • kernel-selftests-internal-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:9185d540bb06fab49c55cba278083b069437657ffade09b9d0d27f4684d2b428
  • kernel-tools-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:5f3ac710ed947c6017ec9e699b289aeee7ffe6e43f6908e33f5710de0ad84a1c
  • kernel-tools-libs-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:dec954d4836853ec68743bfc50f1ee39388166001407c9621ac30aaf2b902db6
  • kernel-tools-libs-devel-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:99be0c4ad16bf89709c88d47cca6101e210be3aed70bb451d62085ce67e11e6e
  • perf-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:7277503e9aef8f03c1fc632d62e9246684e5a357fefc1228c8865997c02b6699
  • python3-perf-4.18.0-305.25.1.el8_4.tuxcare.els19.x86_64.rpm
    sha:6d5b51c615c49e17207adf9d6a6f928b704e95a0f7361c7648dc8b80cfe0eb9d
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.