Red Hat Security Advisory: kernel-rt security update
🔗 CVE IDs covered (46)
📋 Description
CVE-2021-47459 — kernel: can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv CVE-2022-36402 — kernel: vmwgfx: integer overflow in vmwgfx_execbuf.c CVE-2022-38457 — kernel: vmwgfx: use-after-free in vmw_cmd_res_check CVE-2022-40133 — kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context CVE-2022-48743 — kernel: net: amd-xgbe: Fix skb data length underflow CVE-2023-5633 — kernel: vmwgfx: reference count issue leads to use-after-free in surface handling CVE-2023-33951 — kernel: vmwgfx: race condition leading to information disclosure vulnerability CVE-2023-33952 — kernel: vmwgfx: double free within the handling of vmw_buffer_object objects CVE-2023-52434 — kernel: smb: client: fix potential OOBs in smb2_parse_contexts() CVE-2023-52439 — kernel: uio: Fix use-after-free in uio_open CVE-2023-52450 — kernel: intel: Fix NULL pointer dereference issue in upi_fill_topology() CVE-2023-52518 — kernel: Bluetooth: hci_codec: Fix leaking content of local_codecs CVE-2023-52578 — kernel: net: bridge: data races indata-races in br_handle_frame_finish() CVE-2023-52707 — kernel: sched/psi: Fix use-after-free in ep_remove_wait_queue() CVE-2023-52811 — kernel: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool CVE-2024-1151 — kernel: stack overflow problem in Open vSwitch kernel module leading to DoS CVE-2024-26581 — kernel: nftables: nft_set_rbtree skip end interval element from gc CVE-2024-26668 — kernel: netfilter: nft_limit: reject configurations that cause integer overflow CVE-2024-26698 — kernel: hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove CVE-2024-26704 — kernel: ext4: fix double-free of blocks due to wrong extents moved_len CVE-2024-26739 — kernel: net/sched: act_mirred: don't override retval if we already lost the skb CVE-2024-26773 — kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() CVE-2024-26808 — kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain CVE-2024-26810 — kernel: vfio/pci: Lock external INTx masking ops CVE-2024-26880 — kernel: dm: call the resume method on internal suspend CVE-2024-26923 — kernel: af_unix: Fix garbage collector racing against connect() CVE-2024-26925 — kernel: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path CVE-2024-26929 — kernel: scsi: qla2xxx: Fix double free of fcport CVE-2024-26931 — kernel: scsi: qla2xxx: Fix command flush on cable pull CVE-2024-26982 — kernel: Squashfs: check the inode number is not the invalid value of zero CVE-2024-27016 — kernel: netfilter: flowtable: validate pppoe header CVE-2024-27019 — kernel: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() CVE-2024-27020 — kernel: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() CVE-2024-27065 — kernel: netfilter: nf_tables: do not compare internal table flags on updates CVE-2024-27417 — kernel: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() CVE-2024-35791 — kernel: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() CVE-2024-35897 — kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion CVE-2024-35899 — kernel: netfilter: nf_tables: flush pending destroy work before exit_net release CVE-2024-35950 — kernel: drm/client: Fully protect modes[] with dev->mode_config.mutex CVE-2024-36025 — kernel: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() CVE-2024-36489 — kernel: tls: fix missing memory barrier in tls_init CVE-2024-36904 — kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). CVE-2024-36924 — kernel: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() CVE-2024-36952 — kernel: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up CVE-2024-36978 — kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune() CVE-2024-38596 — kernel: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg
🔗 References (49)
- selfhttps://access.redhat.com/errata/RHSA-2024:4831
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2133451
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2133453
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2133455
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2218195
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2218212
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2245663
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2262241
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2265185
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2265271
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2265285
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2265649
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2267758
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2267799
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2272797
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2273117
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2273174
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2273236
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2273270
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2273405
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2273654
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2275690
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2277166
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2277171
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2278245
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2278250
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2278256
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2278258
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2278264
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2278337
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2278380
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2281052
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2281097
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2281667
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2281672
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2281942
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2282615
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2282743
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2282898
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2284421
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2284506
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2284541
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2284598
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2293078
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2293316
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2293371
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2293687
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4831.json