Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:2473

Опубликовано: 29 июл. 2025
Источник: rocky
Оценка: Important

Описание

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: HID: core: zero-initialize the report buffer (CVE-2024-50302)

  • kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (CVE-2024-53197)

  • kernel: scsi: megaraid_sas: Fix for a potential deadlock (CVE-2024-57807)

  • kernel: pps: Fix a use-after-free (CVE-2024-57979)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
bpftoolx86_64553.44.1.el8_10bpftool-4.18.0-553.44.1.el8_10.x86_64.rpm
kernelx86_64553.44.1.el8_10kernel-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-abi-stablelistsnoarch553.44.1.el8_10kernel-abi-stablelists-4.18.0-553.44.1.el8_10.noarch.rpm
kernel-corex86_64553.44.1.el8_10kernel-core-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-cross-headersx86_64553.44.1.el8_10kernel-cross-headers-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-debugx86_64553.44.1.el8_10kernel-debug-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-debug-corex86_64553.44.1.el8_10kernel-debug-core-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-debug-develx86_64553.44.1.el8_10kernel-debug-devel-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-debuginfo-common-x86_64x86_64553.44.1.el8_10kernel-debuginfo-common-x86_64-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-debug-modulesx86_64553.44.1.el8_10kernel-debug-modules-4.18.0-553.44.1.el8_10.x86_64.rpm

Показывать по

Связанные CVE

CVE-2024-50302
CVE-2024-53197
CVE-2024-57807
CVE-2024-57979

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2025-2473

oracle-oval
5 месяцев назад

ELSA-2025-2473: kernel security update (IMPORTANT)

oracle-oval логотип

ELSA-2025-2501

oracle-oval
4 месяца назад

ELSA-2025-2501: kernel security update (IMPORTANT)

oracle-oval логотип

ELSA-2025-2627

oracle-oval
5 месяцев назад

ELSA-2025-2627: kernel security update (IMPORTANT)

ubuntu логотип

CVE-2024-50302

CVSS3: 5.5
ubuntu
9 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report.

redhat логотип

CVE-2024-50302

CVSS3: 6.1
redhat
9 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report.