Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in Linux
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Linux
ID: FEDORA-2024-6b7d840efe
Distribution: Fedora
Plattformen: Fedora 40
Datum: Sa, 6. April 2024, 06:55
Referenzen: https://bugzilla.redhat.com/show_bug.cgi?id=2271784
https://bugzilla.redhat.com/show_bug.cgi?id=2269883
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26654
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26653
https://bugzilla.redhat.com/show_bug.cgi?id=2272596
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26657
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26655
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26643
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26642
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26656
Applikationen: Linux

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2024-6b7d840efe
2024-04-05 23:09:38.915563
-------------------------------------------------------------------------------
-

Name : kernel
Product : Fedora 40
Version : 6.8.4
Release : 300.fc40
URL : https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

-------------------------------------------------------------------------------
-
Update Information:

The 6.8.3 stable kernel rebase contains improved hardware support, new
features,
and a number of important fixes across the tree.
The 6.8.2 stable kernel update contains a number of important fixes across the
tree.
-------------------------------------------------------------------------------
-
ChangeLog:

* Thu Apr 4 2024 Justin M. Forbes <jforbes@fedoraproject.org> [6.8.4-0]
- Linux v6.8.4
* Wed Apr 3 2024 Justin M. Forbes <jforbes@fedoraproject.org> [6.8.3-0]
- Fix up redhat directory for stable reabses (Justin M. Forbes)
- Add some CVE fixes for 6.8.3 (Justin M. Forbes)
- Add bug to BugsFixed (Justin M. Forbes)
- Revert "Bluetooth: hci_qca: Set BDA quirk bit if fwnode exists in DT"
(Johan Hovold)
- Config updates for stable (Justin M. Forbes)
- Linux v6.8.3
* Tue Mar 26 2024 Justin M. Forbes <jforbes@fedoraproject.org> [6.8.2-0]
- xfs: fix SEEK_HOLE/DATA for regions with active COW extents (Dave Chinner)
- redhat: make libperf-devel require libperf %{version}-%{release} (Jan
Stancek)
- kernel.spec: drop custom mode also for System.map ghost entry (Jan Stancek)
- kernel.spec: fix libperf-debuginfo content (Jan Stancek)
- redhat/kernel.spec.template: enable cross for base/RT (Peter Robinson)
- redhat/kernel.spec.template: Fix cross compiling (Peter Robinson)
- Add more bugs to BugsFixed (Justin M. Forbes)
- Add bug to BugsFixed (Justin M. Forbes)
- Turn on CONFIG_READ_ONLY_THP_FOR_FS for Fedora (Justin M. Forbes)
- Change fedora-stable-release.sh to use git am (Justin M. Forbes)
- drivers/firmware: skip simpledrm if nvidia-drm.modeset=1 is set (Javier
Martinez Canillas)
- Revert libcpupower soname bump for F38/39 (Justin M. Forbes)
- Fix up requires for UKI (Justin M. Forbes)
- drm/amd: Flush GFXOFF requests in prepare stage (Mario Limonciello)
- Linux v6.8.2
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #2269883 - CONFIG_READ_ONLY_THP_FOR_FS is unset
https://bugzilla.redhat.com/show_bug.cgi?id=2269883
[ 2 ] Bug #2270879 - CVE-2024-26643 kernel: netfilter: nf_tables: mark set as
dead when unbinding anonymous set with timeout
https://bugzilla.redhat.com/show_bug.cgi?id=2270879
[ 3 ] Bug #2270880 - CVE-2024-26643 kernel: netfilter: nf_tables: mark set as
dead when unbinding anonymous set with timeout [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2270880
[ 4 ] Bug #2270881 - CVE-2024-26642 kernel: netfilter: nf_tables: disallow
anonymous set with timeout flag
https://bugzilla.redhat.com/show_bug.cgi?id=2270881
[ 5 ] Bug #2270882 - CVE-2024-26642 kernel: netfilter: nf_tables: disallow
anonymous set with timeout flag [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2270882
[ 6 ] Bug #2271784 - Bluetooth: hci0: command tx timeout
https://bugzilla.redhat.com/show_bug.cgi?id=2271784
[ 7 ] Bug #2272444 - CVE-2024-26653 kernel: usb: misc: ljca: Fix double free
in error handling path
https://bugzilla.redhat.com/show_bug.cgi?id=2272444
[ 8 ] Bug #2272445 - CVE-2024-26653 kernel: usb: misc: ljca: Fix double free
in error handling path [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2272445
[ 9 ] Bug #2272446 - CVE-2024-26654 kernel: ALSA: sh: aica: reorder cleanup
operations to avoid UAF bugs
https://bugzilla.redhat.com/show_bug.cgi?id=2272446
[ 10 ] Bug #2272447 - CVE-2024-26654 kernel: ALSA: sh: aica: reorder cleanup
operations to avoid UAF bugs [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2272447
[ 11 ] Bug #2272530 - CVE-2024-26655 kernel: posix-clock: memory leak in
posix_clock_open()
https://bugzilla.redhat.com/show_bug.cgi?id=2272530
[ 12 ] Bug #2272531 - CVE-2024-26655 kernel: Fix memory leak in
posix_clock_open() [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2272531
[ 13 ] Bug #2272596 - Kernel null pointer dereference in 6.7.11 and 6.8.2
https://bugzilla.redhat.com/show_bug.cgi?id=2272596
[ 14 ] Bug #2272687 - CVE-2024-26657 kernel: drm/sched: fix null-ptr-deref in
init entity
https://bugzilla.redhat.com/show_bug.cgi?id=2272687
[ 15 ] Bug #2272688 - CVE-2024-26657 kernel: drm/sched: fix null-ptr-deref in
init entity [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2272688
[ 16 ] Bug #2272692 - CVE-2024-26656 kernel: drm/amdgpu: use-after-free
vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=2272692
[ 17 ] Bug #2272693 - CVE-2024-26656 kernel: drm/amdgpu: fix use-after-free
bug [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2272693
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-6b7d840efe' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
--
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung