RLSA-2024:10943

Published: 19 Dec 2024
Source: rocky
Rating: Moderate

Description

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: selinux,smack: don't bypass permissions check in inode_setsecctx hook (CVE-2024-46695)

  • kernel: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (CVE-2024-49949)

  • kernel: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (CVE-2024-50082)

  • kernel: arm64: probes: Remove broken LDR (literal) uprobe support (CVE-2024-50099)

  • kernel: xfrm: fix one more kernel-infoleak in algo dumping (CVE-2024-50110)

  • kernel: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (CVE-2024-50142)

  • kernel: irqchip/gic-v4: Don't allow a VMOVP on a dying VPE (CVE-2024-50192)

  • kernel: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (CVE-2024-50256)

  • kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (CVE-2024-50264)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected products

  • Rocky Linux 8

| Name | Architecture | Release | RPM |
| --- | --- | --- | --- |
| bpftool | x86_64 | 553.32.1.el8_10 | bpftool-4.18.0-553.32.1.el8_10.x86_64.rpm |
| kernel | x86_64 | 553.32.1.el8_10 | kernel-4.18.0-553.32.1.el8_10.x86_64.rpm |
| kernel-abi-stablelists | noarch | 553.32.1.el8_10 | kernel-abi-stablelists-4.18.0-553.32.1.el8_10.noarch.rpm |
| kernel-core | x86_64 | 553.32.1.el8_10 | kernel-core-4.18.0-553.32.1.el8_10.x86_64.rpm |
| kernel-cross-headers | x86_64 | 553.32.1.el8_10 | kernel-cross-headers-4.18.0-553.32.1.el8_10.x86_64.rpm |
| kernel-debug | x86_64 | 553.32.1.el8_10 | kernel-debug-4.18.0-553.32.1.el8_10.x86_64.rpm |
| kernel-debug-core | x86_64 | 553.32.1.el8_10 | kernel-debug-core-4.18.0-553.32.1.el8_10.x86_64.rpm |
| kernel-debug-devel | x86_64 | 553.32.1.el8_10 | kernel-debug-devel-4.18.0-553.32.1.el8_10.x86_64.rpm |
| kernel-debuginfo-common-x86_64 | x86_64 | 553.32.1.el8_10 | kernel-debuginfo-common-x86_64-4.18.0-553.32.1.el8_10.x86_64.rpm |
| kernel-debug-modules | x86_64 | 553.32.1.el8_10 | kernel-debug-modules-4.18.0-553.32.1.el8_10.x86_64.rpm |

Related vulnerabilities

oracle-oval
8 months ago

ELSA-2024-10943: kernel security update (MODERATE)

oracle-oval
8 months ago

ELSA-2024-10939: kernel security update (MODERATE)

CVSS3: 4.4
ubuntu
11 months ago

In the Linux kernel, the following vulnerability has been resolved: selinux,smack: don't bypass permissions check in inode_setsecctx hook Marek Gresko reports that the root user on an NFS client is able to change the security labels on files on an NFS filesystem that is exported with root squashing enabled. The end of the kerneldoc comment for __vfs_setxattr_noperm() states: * This function requires the caller to lock the inode's i_mutex before it * is executed. It also assumes that the caller will make the appropriate * permission checks. nfsd_setattr() does do permissions checking via fh_verify() and nfsd_permission(), but those don't do all the same permissions checks that are done by security_inode_setxattr() and its related LSM hooks do. Since nfsd_setattr() is the only consumer of security_inode_setsecctx(), simplest solution appears to be to replace the call to __vfs_setxattr_noperm() with a call to __vfs_setxattr_locked(). This fixes the above issue and has the added ben...

CVSS3: 6.3
redhat
11 months ago

In the Linux kernel, the following vulnerability has been resolved: selinux,smack: don't bypass permissions check in inode_setsecctx hook Marek Gresko reports that the root user on an NFS client is able to change the security labels on files on an NFS filesystem that is exported with root squashing enabled. The end of the kerneldoc comment for __vfs_setxattr_noperm() states: * This function requires the caller to lock the inode's i_mutex before it * is executed. It also assumes that the caller will make the appropriate * permission checks. nfsd_setattr() does do permissions checking via fh_verify() and nfsd_permission(), but those don't do all the same permissions checks that are done by security_inode_setxattr() and its related LSM hooks do. Since nfsd_setattr() is the only consumer of security_inode_setsecctx(), simplest solution appears to be to replace the call to __vfs_setxattr_noperm() with a call to __vfs_setxattr_locked(). This fixes the above issue and has the added ben...

CVSS3: 4.4
nvd
11 months ago

In the Linux kernel, the following vulnerability has been resolved: selinux,smack: don't bypass permissions check in inode_setsecctx hook Marek Gresko reports that the root user on an NFS client is able to change the security labels on files on an NFS filesystem that is exported with root squashing enabled. The end of the kerneldoc comment for __vfs_setxattr_noperm() states: * This function requires the caller to lock the inode's i_mutex before it * is executed. It also assumes that the caller will make the appropriate * permission checks. nfsd_setattr() does do permissions checking via fh_verify() and nfsd_permission(), but those don't do all the same permissions checks that are done by security_inode_setxattr() and its related LSM hooks do. Since nfsd_setattr() is the only consumer of security_inode_setsecctx(), simplest solution appears to be to replace the call to __vfs_setxattr_noperm() with a call to __vfs_setxattr_locked(). This fixes the above issue and has the add