Описание
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
kernel: kobject_uevent: Fix OOB access within zap_modalias_env() (CVE-2024-42292)
-
kernel: ipvs: properly dereference pe in ip_vs_add_service (CVE-2024-42322)
-
kernel: bonding: fix null pointer deref in bond_ipsec_offload_ok (CVE-2024-44990)
-
kernel: ELF: fix kernel.randomize_va_space double read (CVE-2024-46826)
-
kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (CVE-2025-21927)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Затронутые продукты
Rocky Linux 9
Ссылки на источники
Исправления
- Red Hat - 2305437
- Red Hat - 2305467
- Red Hat - 2309853
- Red Hat - 2315178
- Red Hat - 2356593
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: kobject_uevent: Fix OOB access within zap_modalias_env() zap_modalias_env() wrongly calculates size of memory block to move, so will cause OOB memory access issue if variable MODALIAS is not the last one within its @env parameter, fixed by correcting size to memmove.
In the Linux kernel, the following vulnerability has been resolved: kobject_uevent: Fix OOB access within zap_modalias_env() zap_modalias_env() wrongly calculates size of memory block to move, so will cause OOB memory access issue if variable MODALIAS is not the last one within its @env parameter, fixed by correcting size to memmove.
In the Linux kernel, the following vulnerability has been resolved: kobject_uevent: Fix OOB access within zap_modalias_env() zap_modalias_env() wrongly calculates size of memory block to move, so will cause OOB memory access issue if variable MODALIAS is not the last one within its @env parameter, fixed by correcting size to memmove.
In the Linux kernel, the following vulnerability has been resolved: k ...