RHSA-2024:0930HighCVSS 7.8

Red Hat Security Advisory: kernel security update

Published
February 21, 2024
Last Modified
July 3, 2026

🔗 CVE IDs covered (18)

📋 Description

CVE-2021-33655 — kernel: malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory CVE-2022-2196 — kernel: KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks CVE-2022-3239 — kernel: media: em28xx: initialize refcount before kref_get CVE-2022-3625 — kernel: use-after-free after failed devlink reload in devlink_param_get CVE-2022-20368 — kernel: net/packet: slab-out-of-bounds access in packet_recvmsg() CVE-2022-23960 — hw: cpu: arm64: Spectre-BHB CVE-2022-29581 — kernel: use-after-free due to improper update of reference count in net/sched/cls_u32.c CVE-2022-36402 — kernel: vmwgfx: integer overflow in vmwgfx_execbuf.c CVE-2022-38096 — kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query CVE-2022-38457 — kernel: vmwgfx: use-after-free in vmw_cmd_res_check CVE-2022-40133 — kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context CVE-2023-1074 — kernel: sctp: fail if no bound addresses can be used for a given scope CVE-2023-6546 — kernel: GSM multiplexing race condition leads to privilege escalation CVE-2023-6931 — kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size CVE-2023-30456 — kernel: KVM: nVMX: missing consistency checks for CR0 and CR4 CVE-2023-31084 — kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible CVE-2023-51042 — kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c CVE-2024-1086 — kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function

🔗 References (21)