[CLSA-2024:1727690025] kernel: Fix of 80 CVEs
Type:
security
Severity:
Important
Release date:
2024-09-30 09:53:48 UTC
Description:
- sch/netem: fix use after free in netem_dequeue {CVE-2024-46800} - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() {CVE-2024-46738} - drm/amdgpu: Fix out-of-bounds write warning {CVE-2024-46725} - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number {CVE-2024-46724} - drm/amdgpu: fix ucode out-of-bounds read warning {CVE-2024-46723} - drm/amdgpu: fix mc_data out-of-bounds read warning {CVE-2024-46722} - scsi: aacraid: Fix double-free on probe failure {CVE-2024-46673} - ipv6: prevent UAF in ip6_send_skb() {CVE-2024-44987} - exec: Fix ToCToU between perm check and set-uid/gid usage {CVE-2024-43882} - dev/parport: fix the array out-of-bounds risk {CVE-2024-42301} - RDMA/iwcm: Fix a use-after-free related to destroying CM IDs {CVE-2024-42285} - tipc: Return non-zero value from tipc_udp_addr2str() on error {CVE-2024-42284} - mISDN: Fix a use after free in hfcmulti_tx() {CVE-2024-42280} - nvme: avoid double free special payload {CVE-2024-41073} - wifi: mac80211: Avoid address calculations via out of bounds array indexing {CVE-2024-41071} - xfs: don't walk off the end of a directory data block {CVE-2024-41013} - tunnels: fix out of bounds access when building IPv6 PMTU error {CVE-2024-26665} - KVM: x86/mmu: make apf token non-zero to fix bug {CVE-2022-48943} - cifs: fix double free race when mount fails in cifs_get_root() {CVE-2022-48919} - netfilter: fix use-after-free in __nf_register_net_hook() {CVE-2022-48912} - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() {CVE-2022-48742} - selinux: fix double free of cond_list on error paths {CVE-2022-48740} - ALSA: hda: Fix UAF of leds class devs at unbinding {CVE-2022-48735} - drm/nouveau: fix off by one in BIOS boundary checking {CVE-2022-48732} - mm, slub: fix potential memoryleak in kmem_cache_open() {CVE-2021-47466} - x86/coco: Disable 32-bit emulation by default on TDX and SEV {CVE-2024-25744} - x86: Make IA32_EMULATION boot time configurable {CVE-2024-25744} - x86/entry: Make IA32 syscalls' availability depend on ia32_enabled() {CVE-2024-25744} - x86/elf: Make loading of 32bit processes depend on ia32_enabled() {CVE-2024-25744} - x86/entry: Rename ignore_sysret() {CVE-2024-25744} - x86/cpu: Don't write CSTAR MSR on Intel CPUs {CVE-2024-25744} - x86: Introduce ia32_enabled() {CVE-2024-25744} - scsi: qedf: Make qedf_execute_tmf() non-preemptible {CVE-2024-42124} - ftruncate: pass a signed offset {CVE-2024-42084} - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor {CVE-2024-41035} - xfs: add bounds checking to xlog_recover_process_data {CVE-2024-41014} - drm/radeon: fix UBSAN warning in kv_dpm.c {CVE-2024-40988} - ring-buffer: Fix a race between readers and resize checks {CVE-2024-38601} - Input: cyapa - add missing input core locking to suspend/resume functions {CVE-2023-52884} - Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() {CVE-2023-52840} - wifi: ath11k: fix htt pktlog locking {CVE-2023-52800} - wifi: ath11k: fix dfs radar event locking {CVE-2023-52798} - ACPI: LPIT: Avoid u32 multiplication overflow {CVE-2023-52683} - ACPI: extlog: fix NULL pointer dereference check {CVE-2023-52605} - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect {CVE-2023-52478} - USB: core: Fix hang in usb_kill_urb by adding memory barriers {CVE-2022-48760} - phylib: fix potential use-after-free {CVE-2022-48754} - serial: core: fix transmit-buffer reset and memleak {CVE-2021-47527} - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells {CVE-2021-47497} - mlxsw: thermal: Fix out-of-bounds memory accesses {CVE-2021-47441} - hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs {CVE-2021-47393} - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field {CVE-2021-47386} - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field {CVE-2021-47385} - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field {CVE-2021-47384} - virtio-net: Add validation for used length {CVE-2021-47352} - watchdog: Fix possible use-after-free by calling del_timer_sync() {CVE-2021-47321} - ACPI: fix NULL pointer dereference {CVE-2021-47289} - ipv6: prevent possible NULL dereference in rt6_probe() {CVE-2024-40960} - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() {CVE-2024-40959} - wifi: iwlwifi: mvm: don't read past the mfuart notifcation {CVE-2024-40941} - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids {CVE-2024-40929} - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() {CVE-2024-40912} - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages {CVE-2024-40904} - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory {CVE-2024-40901} - liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet {CVE-2024-39506} - vmci: prevent speculation leaks by sanitizing event in event_deliver() {CVE-2024-39499} - crypto: bcm - Fix pointer arithmetic {CVE-2024-38579} - scsi: qedf: Ensure the copied buf is NUL terminated {CVE-2024-38559} - net: openvswitch: fix overwriting ct original tuple for ICMPv6 {CVE-2024-38558} - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload {CVE-2024-36919} - netfilter: complete validation of user input {CVE-2024-35962} - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() {CVE-2024-35944} - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() {CVE-2024-26894} - dm: call the resume method on internal suspend {CVE-2024-26880} - net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() {CVE-2024-26855} - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again {CVE-2024-26720} - tracing: Ensure visibility when inserting an element into tracing_map {CVE-2024-26645} - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() {CVE-2023-52809} - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() {CVE-2023-52470} - Input: add bounds checking to input_set_capability() {CVE-2022-48619} - tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383} - bnx2x: Fix multiple UBSAN array-index-out-of-bounds {CVE-2024-42148} - net: do not leave a dangling sk pointer, when socket creation fails {CVE-2024-40954} - media: xc2028: avoid use-after-free in load_firmware_cb() {CVE-2024-43900} - fou: remove warn in gue_gro_receive on unsupported protocol {CVE-2024-44940} - PCI/MSI: Fix UAF in msi_capability_init {CVE-2024-41096}
Updated packages:
  • bpftool-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:34407f9cbd3862fe743305f95e0245f8f1beddecdee6aae3b4a17a31c6adbb93
  • kernel-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:9afdca93748e5bb8be179815a08f6368e32ce62a930ac7feec80732bbf91ebf1
  • kernel-core-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:99238b07d4e3c1340ef3501848f5753354cd3c69985a9486d1b858343e9a3503
  • kernel-cross-headers-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:9cf721b996889349ff25717c2813f5d9e9b55caef4ffcc8d4d58105be6cf5633
  • kernel-debug-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:d5e77b8e2bdc04bbd41bffabdf72a77d903b1bfeb04ba221061c312cda46db54
  • kernel-debug-core-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:0079262fe2661e87fdd2ebda843795bc8dbd25e6e8edf2238c1e4c002b28305e
  • kernel-debug-devel-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:271e39197cb7c25d40813270ad4685432050fcd299eade92a53e21deff46547a
  • kernel-debug-modules-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:7dd57c46e3c90d87f50c9f2e0462a108a7e4ee8602579c233cbf24ef8d40ddb7
  • kernel-debug-modules-extra-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:b3e23469cb166418a7e5ee99c666f78803144c0f6d2dd391645b27bae40f45cb
  • kernel-debug-modules-internal-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:a4c43b26d34600266db474a6491db197a5eaaf122cf5787319cb166ea58ac7a5
  • kernel-devel-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:b8f55f037f12c92ac389795e86a0d9aa234f57a4b966239e47208ebf57805192
  • kernel-headers-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:594af9d2ff7060e0350f359d43b575da174fd763f5f25df3917b297424352107
  • kernel-ipaclones-internal-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:860925acd412f60cb63751f7bfd70f64c62c63b00516608c0d5002a8fd19cb5a
  • kernel-modules-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:7274a93be58ce8712791f8f87d1b68997fc9584059d02facbfe60c1eefd6991b
  • kernel-modules-extra-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:605288427a6b32dbe8f2711fdcbe5e1c00cf7a1874d27c3c89c6e749ded20c90
  • kernel-modules-internal-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:8d790735ededdfe6f4da09afead84085bd79e6246b4247a01f1cb2d82e0537d6
  • kernel-selftests-internal-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:dc56627229eb8d2bdbb22231be03302e8bd311244554062122fa647659bf0798
  • kernel-tools-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:24b46de702e9f91d99351419398bd69eaae3637784b619f0962706455db92663
  • kernel-tools-libs-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:a546286bdb9fb38cf5af9bbc4c5c110a8358b20070da90315a36515122423b2a
  • kernel-tools-libs-devel-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:05d128033b7ec2660d050edd37c69781c691f4d2d85904a7e9862ada9f4322e4
  • perf-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:40b958fbd7f225dce3616f9846c49e05734ee3293d96ded6b615b5066f7e5519
  • python3-perf-4.18.0-348.7.1.el8_5.tuxcare.els20.x86_64.rpm
    sha:3287979b7cb5dfca2bd72a0453571e690e282378fac501a785ad231b00b141e0
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.