RHSA-2024:0412HighCVSS 8.8

Red Hat Security Advisory: kernel security and bug fix update

Published
January 25, 2024
Last Modified
June 29, 2026

🔗 CVE IDs covered (52)

📋 Description

CVE-2022-0854 — kernel: swiotlb information leak with DMA_FROM_DEVICE CVE-2022-1016 — kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM CVE-2022-1679 — kernel: use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges CVE-2022-3028 — kernel: race condition in xfrm_probe_algs can lead to OOB read/write CVE-2022-3522 — kernel: race condition in hugetlb_no_page() in mm/hugetlb.c CVE-2022-3567 — kernel: data races around sk->sk_prot CVE-2022-3628 — kernel: USB-accessible buffer overflow in brcmfmac CVE-2022-4129 — kernel: l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference CVE-2022-20141 — kernel: igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets CVE-2022-30594 — kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option CVE-2022-40982 — hw: Intel: Gather Data Sampling (GDS) side channel vulnerability CVE-2022-41218 — kernel: Report vmalloc UAF in dvb-core/dmxdev CVE-2022-41858 — kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip CVE-2022-43750 — kernel: memory corruption in usbmon driver CVE-2022-47929 — kernel: NULL pointer dereference in traffic control subsystem CVE-2022-50083 — kernel: ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h CVE-2022-50179 — kernel: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb CVE-2023-0394 — kernel: NULL pointer dereference in rawv6_push_pending_frames CVE-2023-1073 — kernel: HID: check empty report_list in hid_validate_values() CVE-2023-1079 — kernel: hid: Use After Free in asus_remove() CVE-2023-1192 — kernel: use-after-free in smb2_is_status_io_timeout() CVE-2023-1195 — kernel: use-after-free caused by invalid pointer hostname in fs/cifs/connect.c CVE-2023-1382 — kernel: denial of service in tipc_conn_close CVE-2023-1838 — kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend() CVE-2023-1855 — kernel: use-after-free bug in remove function xgene_hwmon_remove CVE-2023-1998 — kernel: Spectre v2 SMT mitigations problem CVE-2023-2162 — kernel: UAF during login when accessing the shost ipaddress CVE-2023-2163 — kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe CVE-2023-2194 — kernel: i2c: out-of-bounds write in xgene_slimpro_i2c_xfer() CVE-2023-2513 — kernel: ext4: use-after-free in ext4_xattr_set_entry() CVE-2023-3161 — kernel: fbcon: shift-out-of-bounds in fbcon_set_font() CVE-2023-3268 — kernel: out-of-bounds access in relay_file_read CVE-2023-3567 — kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race CVE-2023-3611 — kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead CVE-2023-3772 — kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params() CVE-2023-3812 — kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags CVE-2023-4459 — kernel: vmxnet3: NULL pointer dereference in vmxnet3_rq_cleanup() CVE-2023-4622 — kernel: use after free in unix_stream_sendpage CVE-2023-4623 — kernel: net/sched: sch_hfsc UAF CVE-2023-4732 — kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h CVE-2023-5178 — kernel: use after free in nvmet_tcp_free_crypto in NVMe CVE-2023-23454 — kernel: slab-out-of-bounds read vulnerabilities in cbq_classify CVE-2023-26545 — kernel: mpls: double free on sysctl allocation failure CVE-2023-31436 — kernel: out-of-bounds write in qfq_change_class function CVE-2023-33203 — kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove() CVE-2023-35823 — kernel: saa7134: race condition leading to use-after-free in saa7134_finidev() CVE-2023-35824 — kernel: dm1105: race condition leading to use-after-free in dm1105_remove.c() CVE-2023-38409 — kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment CVE-2023-42753 — kernel: netfilter: potential slab-out-of-bound access due to integer underflow CVE-2023-45871 — kernel: IGB driver inadequate buffer size for frames larger than MTU CVE-2023-53015 — kernel: HID: betop: check shape of output reports CVE-2024-0562 — kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c

🔗 References (54)