[CLSA-2024:1725876080] kernel: Fix of 44 CVEs
Type:
security
Severity:
Critical
Release date:
2024-09-09 10:01:23 UTC
Description:
- dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list {CVE-2024-40956} - userfaultfd: fix a race between writeprotect and exit_mmap() {CVE-2021-47461} - netfilter: nf_tables: use timestamp to check for set element timeout {CVE-2024-27397} - x86/sev: Harden #VC instruction emulation somewhat {CVE-2024-25742} - bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD {CVE-2024-42161} - selftests/bpf: Fix BPF_CORE_READ_BITFIELD() macro {CVE-2024-42161} - pinctrl: core: delete incorrect free in pinctrl_enable() {CVE-2024-36940} - pinctrl: core: fix possible memory leak in pinctrl_enable() {CVE-2024-36940} - net: fix information leakage in /proc/net/ptype {CVE-2022-48757} - wifi: mt76: replace skb_put with skb_put_zero {CVE-2024-42225} - ata: libata-core: Fix double free on error {CVE-2024-41087} - drm/amdgpu: add error handle to avoid out-of-bounds {CVE-2024-39471} - drm/amd/display: Fix potential index out of bounds in color transformation function {CVE-2024-38552} - net: sched: sch_multiq: fix possible OOB write in multiq_tune() {CVE-2024-36978} - drm/vmwgfx: Fix invalid reads in fence signaled events {CVE-2024-36960} - net/sched: flower: Fix chain template offload {CVE-2024-26669} - ipv6: Remove extra counter pull before gc {CVE-2023-52340} - ipv6: remove max_size check inline with ipv4 {CVE-2023-52340} - net/dst: use a smaller percpu_counter batch for dst entries accounting {CVE-2023-52340} - net: add a route cache full diagnostic message {CVE-2023-52340} - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg {CVE-2023-51779} - tcp_metrics: validate source addr length {CVE-2024-42154} - net: fix out-of-bounds access in ops_init {CVE-2024-36883} - tap: add missing verification for short frame {CVE-2024-41090} - tun: add missing verification for short frame {CVE-2024-41091} - iommu: Fix potential use-after-free during probe {CVE-2022-48796} - nvme: fix a possible use-after-free in controller reset during load {CVE-2022-48790} - nvme-tcp: fix possible use-after-free in transport error_recovery work {CVE-2022-48789} - nvme-rdma: fix possible use-after-free in transport error_recovery work {CVE-2022-48788} - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() {CVE-2024-26773} - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() {CVE-2024-26772} - ext4: fix double-free of blocks due to wrong extents moved_len {CVE-2024-26704} - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove {CVE-2024-26698} - ubi: Check for too small LEB size in VTBL code {CVE-2024-25739} - scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool {CVE-2023-52811} - arp: Prevent overflow in arp_req_get(). {CVE-2024-26733} - SUNRPC: Fix a suspicious RCU usage warning {CVE-2023-52623} - ext4: avoid online resizing failures due to oversized flex bg {CVE-2023-52622} - pstore/ram: Fix crash when setting number of cpus to an odd number {CVE-2023-52619} - wifi: mac80211: fix potential key use-after-free {CVE-2023-52530} - drm: Don't unref the same fb many times by mistake due to deadlock handling {CVE-2023-52486} - net: amd-xgbe: Fix skb data length underflow {CVE-2022-48743} - tracing: Restructure trace_clock_global() to never block {CVE-2021-46939} - tcp: make sure init the accept_queue's spinlocks once {CVE-2024-26614} - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc {CVE-2024-42228} - gfs2: Fix potential glock use-after-free on unmount {CVE-2024-38570} - gfs2: Rename sd_{ glock => kill }_wait {CVE-2024-38570} - gfs2: Use container_of() for gfs2_glock(aspace) {CVE-2024-38570} - gfs2: Remove ill-placed consistency check {CVE-2024-38570} - gfs2: introduce new gfs2_glock_assert_withdraw {CVE-2024-38570} - gfs2: simplify gdlm_put_lock with out_free label {CVE-2024-38570} - gfs2: Expect -EBUSY after canceling dlm locking requests {CVE-2024-38570} - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path {CVE-2024-26925} - netfilter: nft_limit: reject configurations that cause integer overflow {CVE-2024-26668} - sched/psi: Fix use-after-free in ep_remove_wait_queue() {CVE-2023-52707} - wait: add wake_up_pollfree() {CVE-2023-52707}
Updated packages:
  • bpftool-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:0168c9f5dbfa4ede172f8ff0ce1033da56c2eba6e45caa4a61fdbebdd3f16198
  • kernel-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:465c359b364a59596e4eb6d69a49bc01ac4b829bd5c26c4e68a51027ae1fc9e4
  • kernel-core-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:8459ece4db8cb8de8d934ad2d05439a4fbaefb21c2b348358fe4f30e1b131b1d
  • kernel-cross-headers-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:6bd8ccc554bb0c3a0426fac85a0c9b23e7b33330a40dcc4b042954901bfa057f
  • kernel-debug-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:27e72b39da149ae4edbde06b8a6d547b3b5e2be61ca937e491b005691c364dab
  • kernel-debug-core-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:8c5c2ba6fdd27276d849d5f1d9dffe58ef29ceb82729a47923bdbcfaf6f12602
  • kernel-debug-devel-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:39414f51be2595e9d4be1cca264d5a4cd9410aae48eddfa3a487385e60813d08
  • kernel-debug-modules-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:045d356409f70936d63f23c6cc5287623410683c20bdf90d499c873fa831b63d
  • kernel-debug-modules-extra-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:f1af7e3a94cde784b9ed753443bd78df725034b9920ef1b7ae48fd9df1587c89
  • kernel-debug-modules-internal-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:d7a4182203afd117e7850cefd58158549f4da10de26f26a3be998e2ec68a0719
  • kernel-devel-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:e3a510ebf1376b0d205dab03ca5781d1f0bce9d5aae151d9f4bfdbea824a3fa2
  • kernel-headers-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:fab1e2173c175197dcccfc6048da7e1ec3884488fa4905bbc40f981660e4027a
  • kernel-ipaclones-internal-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:ee2295b35c009d4d37ad1a34c254ff38c7f7607dcb11ff34d3c513f2eb1f1df5
  • kernel-modules-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:d381a8ca560f2a454b96c78b15c547a2e93545b694c7f3f3cac124e953501bad
  • kernel-modules-extra-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:0f2669d84ec1c8c2c131206a9f96a6076a527a94ed34a4e9106057ea397c417d
  • kernel-modules-internal-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:40c5539337afeff1b705a913d5ae93edcb469c5df74b0f15a60eea32c6061976
  • kernel-selftests-internal-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:ca642600a5276d0783265ecdc6ca7c4c71048db98196d8ca7d69c0151b77cd97
  • kernel-tools-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:abc3473ee61dc3c09f881dc29120ad0e49b0f8a38f67823b2b43699367829dec
  • kernel-tools-libs-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:51ecf894b2e6ba880b9a36cb9ce80c5c6b7497b2cb5aae3dc1d1cbedbcc3506c
  • kernel-tools-libs-devel-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:2fa6110663d3a0c57b71cd796d422081576536190e57f1208be5f6ea1c70650d
  • perf-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:be307da8454fbb3e09024a107912a69d606f2d84c1dcf5b4c4228838cf38c3bb
  • python3-perf-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm
    sha:a1bd41467c1193d4bd95010ae9ca7fc57ac8bbfe5da6640ae402e8a484757b89
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.