Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:0065

Опубликовано: 11 янв. 2025
Источник: rocky
Оценка: Important

Описание

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: i40e: fix race condition by adding filter's intermediate sync state (CVE-2024-53088)

  • kernel: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (CVE-2024-53122)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
bpftoolx86_64553.34.1.el8_10bpftool-4.18.0-553.34.1.el8_10.x86_64.rpm
kernelx86_64553.34.1.el8_10kernel-4.18.0-553.34.1.el8_10.x86_64.rpm
kernel-abi-stablelistsnoarch553.34.1.el8_10kernel-abi-stablelists-4.18.0-553.34.1.el8_10.noarch.rpm
kernel-corex86_64553.34.1.el8_10kernel-core-4.18.0-553.34.1.el8_10.x86_64.rpm
kernel-cross-headersx86_64553.34.1.el8_10kernel-cross-headers-4.18.0-553.34.1.el8_10.x86_64.rpm
kernel-debugx86_64553.34.1.el8_10kernel-debug-4.18.0-553.34.1.el8_10.x86_64.rpm
kernel-debug-corex86_64553.34.1.el8_10kernel-debug-core-4.18.0-553.34.1.el8_10.x86_64.rpm
kernel-debug-develx86_64553.34.1.el8_10kernel-debug-devel-4.18.0-553.34.1.el8_10.x86_64.rpm
kernel-debuginfo-common-x86_64x86_64553.34.1.el8_10kernel-debuginfo-common-x86_64-4.18.0-553.34.1.el8_10.x86_64.rpm
kernel-debug-modulesx86_64553.34.1.el8_10kernel-debug-modules-4.18.0-553.34.1.el8_10.x86_64.rpm

Показывать по

Связанные CVE

CVE-2024-53088
CVE-2024-53122

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2025-0065

oracle-oval
5 месяцев назад

ELSA-2025-0065: kernel security update (IMPORTANT)

ubuntu логотип

CVE-2024-53122

CVSS3: 5.5
ubuntu
7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust Additional active subflows - i.e. created by the in kernel path manager - are included into the subflow list before starting the 3whs. A racing recvmsg() spooling data received on an already established subflow would unconditionally call tcp_cleanup_rbuf() on all the current subflows, potentially hitting a divide by zero error on the newly created ones. Explicitly check that the subflow is in a suitable state before invoking tcp_cleanup_rbuf().

redhat логотип

CVE-2024-53122

CVSS3: 5.9
redhat
7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust Additional active subflows - i.e. created by the in kernel path manager - are included into the subflow list before starting the 3whs. A racing recvmsg() spooling data received on an already established subflow would unconditionally call tcp_cleanup_rbuf() on all the current subflows, potentially hitting a divide by zero error on the newly created ones. Explicitly check that the subflow is in a suitable state before invoking tcp_cleanup_rbuf().

nvd логотип

CVE-2024-53122

CVSS3: 5.5
nvd
7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust Additional active subflows - i.e. created by the in kernel path manager - are included into the subflow list before starting the 3whs. A racing recvmsg() spooling data received on an already established subflow would unconditionally call tcp_cleanup_rbuf() on all the current subflows, potentially hitting a divide by zero error on the newly created ones. Explicitly check that the subflow is in a suitable state before invoking tcp_cleanup_rbuf().

msrc логотип

CVE-2024-53122

CVSS3: 5.5
msrc
5 месяцев назад

Описание отсутствует