Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2024:4583

Опубликовано: 26 июл. 2024
Источник: rocky
Оценка: Important

Описание

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)

  • kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (CVE-2021-47548)

  • kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (CVE-2021-47596)

  • kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)

  • kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (CVE-2023-52638)

  • kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index (CVE-2024-26783)

  • kernel: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (CVE-2024-26858)

  • kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397)

  • kernel: nvme: fix reconnection fail due to reserved tag allocation (CVE-2024-27435)

  • kernel: net: ena: Fix incorrect descriptor free behavior (CVE-2024-35958)

  • kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (CVE-2024-36904)

  • kernel: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (CVE-2024-38543)

  • kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)

  • kernel: net: micrel: Fix receiving the timestamp in the frame for lan8841 (CVE-2024-38593)

  • kernel: netfilter: tproxy: bail out if IP has been disabled on the device (CVE-2024-36270)

  • kernel: octeontx2-af: avoid off-by-one read from userspace (CVE-2024-36957)

  • kernel: blk-cgroup: fix list corruption from resetting io stat (CVE-2024-38663)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 9

НаименованиеАрхитектураРелизRPM
bpftoolx86_64427.26.1.el9_4bpftool-7.3.0-427.26.1.el9_4.x86_64.rpm
kernelx86_64427.26.1.el9_4kernel-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-abi-stablelistsnoarch427.26.1.el9_4kernel-abi-stablelists-5.14.0-427.26.1.el9_4.noarch.rpm
kernel-corex86_64427.26.1.el9_4kernel-core-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-debugx86_64427.26.1.el9_4kernel-debug-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-debug-corex86_64427.26.1.el9_4kernel-debug-core-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-debug-modulesx86_64427.26.1.el9_4kernel-debug-modules-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-debug-modules-corex86_64427.26.1.el9_4kernel-debug-modules-core-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-debug-modules-extrax86_64427.26.1.el9_4kernel-debug-modules-extra-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-debug-uki-virtx86_64427.26.1.el9_4kernel-debug-uki-virt-5.14.0-427.26.1.el9_4.x86_64.rpm

Показывать по

Связанные CVE

CVE-2021-47548
CVE-2021-47596
CVE-2022-48627
CVE-2023-52638
CVE-2024-26783
CVE-2024-26858
CVE-2024-27397
CVE-2024-27435
CVE-2024-35958
CVE-2024-36270
CVE-2024-36886
CVE-2024-36904
CVE-2024-36957
CVE-2024-38543
CVE-2024-38586
CVE-2024-38593
CVE-2024-38663

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2024-4583

oracle-oval
11 месяцев назад

ELSA-2024-4583: kernel security update (IMPORTANT)

ubuntu логотип

CVE-2021-47548

CVSS3: 9.8
ubuntu
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() The if statement: if (port >= DSAF_GE_NUM) return; limits the value of port less than DSAF_GE_NUM (i.e., 8). However, if the value of port is 6 or 7, an array overflow could occur: port_rst_off = dsaf_dev->mac_cb[port]->port_rst_off; because the length of dsaf_dev->mac_cb is DSAF_MAX_PORT_NUM (i.e., 6). To fix this possible array overflow, we first check port and if it is greater than or equal to DSAF_MAX_PORT_NUM, the function returns.

redhat логотип

CVE-2021-47548

CVSS3: 6
redhat
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() The if statement: if (port >= DSAF_GE_NUM) return; limits the value of port less than DSAF_GE_NUM (i.e., 8). However, if the value of port is 6 or 7, an array overflow could occur: port_rst_off = dsaf_dev->mac_cb[port]->port_rst_off; because the length of dsaf_dev->mac_cb is DSAF_MAX_PORT_NUM (i.e., 6). To fix this possible array overflow, we first check port and if it is greater than or equal to DSAF_MAX_PORT_NUM, the function returns.

nvd логотип

CVE-2021-47548

CVSS3: 9.8
nvd
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() The if statement: if (port >= DSAF_GE_NUM) return; limits the value of port less than DSAF_GE_NUM (i.e., 8). However, if the value of port is 6 or 7, an array overflow could occur: port_rst_off = dsaf_dev->mac_cb[port]->port_rst_off; because the length of dsaf_dev->mac_cb is DSAF_MAX_PORT_NUM (i.e., 6). To fix this possible array overflow, we first check port and if it is greater than or equal to DSAF_MAX_PORT_NUM, the function returns.

debian логотип

CVE-2021-47548

CVSS3: 9.8
debian
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: e ...