RLSA-2024:4349

Published: 15 Jul 2024
Source: rocky
Severity: Moderate

Description

Moderate: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (CVE-2023-52626)

  • kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset (CVE-2024-26801)

  • kernel: crypto: qat - resolve race condition during AER recovery (CVE-2024-26974)

  • kernel: xen-netfront: Add missing skb_mark_for_recycle (CVE-2024-27393)

  • kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667)

  • kernel: smb: client: fix UAF in smb2_reconnect_server() (CVE-2024-35870)

  • kernel: net/mlx5: Properly link new fs rules into the tree (CVE-2024-35960)

  • kernel: net: hns3: do not allow call hns3_nic_net_open repeatedly (CVE-2021-47400)

Bug Fix(es):

  • cifs - kernel panic with cifs_put_smb_ses (JIRA:Rocky Linux-28943)

  • BUG: unable to handle page fault for address: ff16bf752f593ff8 [rhel-9.4.z] (JIRA:Rocky Linux-35672)

  • [HPE 9.4 Bug] Request merge of AMD address translation library patch series [rhel-9.4.z] (JIRA:Rocky Linux-36220)

  • [Rocky Linux9] kernel BUG at lib/list_debug.c:51! [rhel-9.4.z] (JIRA:Rocky Linux-36687)

  • ice: DPLL-related fixes [rhel-9.4.z] (JIRA:Rocky Linux-36716)

  • CNB95: net/sched: update TC core to upstream v6.8 [rhel-9.4.z] (JIRA:Rocky Linux-37641)

  • IPv6: SR: backport fixes from upstream [rhel-9.4.z] (JIRA:Rocky Linux-37669)

  • [RFE] Backport tmpfs noswap mount option [rhel-9.4.z] (JIRA:Rocky Linux-38252)

  • Isolated cores causing issues on latest Rocky Linux9.4 kernel and not functioning as desired. [rhel-9.4.z] (JIRA:Rocky Linux-38595)

  • [ice] Add automatic VF reset on Tx MDD events [rhel-9.4.z] (JIRA:Rocky Linux-39083)

  • [HPEMC Rocky Linux 9.4 REGRESSION] turbostat: turbostat broken on 10+ sockets. [rhel-9.4.z] (JIRA:Rocky Linux-34953)

  • bnx2x: fix crashes in PCI error handling, resource leaks [rhel-9.4.z] (JIRA:Rocky Linux-43272)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected products

  • Rocky Linux 9

| Name | Architecture | Release | RPM |
|---|---|---|---|
| bpftool | x86_64 | 427.24.1.el9_4 | bpftool-7.3.0-427.24.1.el9_4.x86_64.rpm |
| kernel | x86_64 | 427.24.1.el9_4 | kernel-5.14.0-427.24.1.el9_4.x86_64.rpm |
| kernel-abi-stablelists | noarch | 427.24.1.el9_4 | kernel-abi-stablelists-5.14.0-427.24.1.el9_4.noarch.rpm |
| kernel-core | x86_64 | 427.24.1.el9_4 | kernel-core-5.14.0-427.24.1.el9_4.x86_64.rpm |
| kernel-debug | x86_64 | 427.24.1.el9_4 | kernel-debug-5.14.0-427.24.1.el9_4.x86_64.rpm |
| kernel-debug-core | x86_64 | 427.24.1.el9_4 | kernel-debug-core-5.14.0-427.24.1.el9_4.x86_64.rpm |
| kernel-debug-modules | x86_64 | 427.24.1.el9_4 | kernel-debug-modules-5.14.0-427.24.1.el9_4.x86_64.rpm |
| kernel-debug-modules-core | x86_64 | 427.24.1.el9_4 | kernel-debug-modules-core-5.14.0-427.24.1.el9_4.x86_64.rpm |
| kernel-debug-modules-extra | x86_64 | 427.24.1.el9_4 | kernel-debug-modules-extra-5.14.0-427.24.1.el9_4.x86_64.rpm |
| kernel-debug-uki-virt | x86_64 | 427.24.1.el9_4 | kernel-debug-uki-virt-5.14.0-427.24.1.el9_4.x86_64.rpm |

Related vulnerabilities

oracle-oval
12 months ago

ELSA-2024-4349: kernel security and bug fix update (MODERATE)

CVSS3: 4
ubuntu
about 1 year ago

In the Linux kernel, the following vulnerability has been resolved:

net: hns3: do not allow call hns3_nic_net_open repeatedly

hns3_nic_net_open() is not allowed to be called repeatedly, but there is no checking for this. When doing device reset and setup tc concurrently, there is a small opportunity to call hns3_nic_net_open repeatedly, and cause kernel bug by calling napi_enable twice.

The calltrace information is like below:

[ 3078.222780] ------------[ cut here ]------------
[ 3078.230255] kernel BUG at net/core/dev.c:6991!
[ 3078.236224] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP
[ 3078.243431] Modules linked in: hns3 hclgevf hclge hnae3 vfio_iommu_type1 vfio_pci vfio_virqfd vfio pv680_mii(O)
[ 3078.258880] CPU: 0 PID: 295 Comm: kworker/u8:5 Tainted: G O 5.14.0-rc4+ #1
[ 3078.269102] Hardware name: , BIOS KpxxxFPGA 1P B600 V181 08/12/2021
[ 3078.276801] Workqueue: hclge hclge_service_task [hclge]
[ 3078.288774] pstate: 60400009 (nZCv daif +PAN -UAO -TCO BTYPE=--)
[ 3078.296168] pc...

CVSS3: 4.1
redhat
about 1 year ago

In the Linux kernel, the following vulnerability has been resolved:

net: hns3: do not allow call hns3_nic_net_open repeatedly

hns3_nic_net_open() is not allowed to be called repeatedly, but there is no checking for this. When doing device reset and setup tc concurrently, there is a small opportunity to call hns3_nic_net_open repeatedly, and cause kernel bug by calling napi_enable twice.

The calltrace information is like below:

[ 3078.222780] ------------[ cut here ]------------
[ 3078.230255] kernel BUG at net/core/dev.c:6991!
[ 3078.236224] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP
[ 3078.243431] Modules linked in: hns3 hclgevf hclge hnae3 vfio_iommu_type1 vfio_pci vfio_virqfd vfio pv680_mii(O)
[ 3078.258880] CPU: 0 PID: 295 Comm: kworker/u8:5 Tainted: G O 5.14.0-rc4+ #1
[ 3078.269102] Hardware name: , BIOS KpxxxFPGA 1P B600 V181 08/12/2021
[ 3078.276801] Workqueue: hclge hclge_service_task [hclge]
[ 3078.288774] pstate: 60400009 (nZCv daif +PAN -UAO -TCO BTYPE=--)
[...

CVSS3: 4
nvd
about 1 year ago

In the Linux kernel, the following vulnerability has been resolved:

net: hns3: do not allow call hns3_nic_net_open repeatedly

hns3_nic_net_open() is not allowed to be called repeatedly, but there is no checking for this. When doing device reset and setup tc concurrently, there is a small opportunity to call hns3_nic_net_open repeatedly, and cause kernel bug by calling napi_enable twice.

The calltrace information is like below:

[ 3078.222780] ------------[ cut here ]------------
[ 3078.230255] kernel BUG at net/core/dev.c:6991!
[ 3078.236224] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP
[ 3078.243431] Modules linked in: hns3 hclgevf hclge hnae3 vfio_iommu_type1 vfio_pci vfio_virqfd vfio pv680_mii(O)
[ 3078.258880] CPU: 0 PID: 295 Comm: kworker/u8:5 Tainted: G O 5.14.0-rc4+ #1
[ 3078.269102] Hardware name: , BIOS KpxxxFPGA 1P B600 V181 08/12/2021
[ 3078.276801] Workqueue: hclge hclge_service_task [hclge]
[ 3078.288774] pstate: 60400009 (nZCv daif +PAN -UAO -TCO BTYPE=--)
[

CVSS3: 4
debian
about 1 year ago

In the Linux kernel, the following vulnerability has been resolved: n ...