An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended
Update Support.
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The kernel packages contain the Linux kernel, the core of any Linux operating
system.
Security Fix(es):
* kernel: block: null pointer dereference in ioctl.c when length and logical
block size are misaligned (CVE-2023-52458)
* kernel: ext4: regenerate buddy after block freeing failed if under fc replay
(CVE-2024-26601)
* kernel: PM / devfreq: Synchronize devfreq_monitor_[start/stop]
(CVE-2023-52635)
* kernel: bpf: Fix racing between bpf_timer_cancel_and_free and
bpf_timer_cancel (CVE-2024-26737)
* kernel: bnxt: prevent skb UAF after handing over to PTP worker
(CVE-2022-48637)
* kernel: ARM: 9359/1: flush: check if the folio is reserved for no-mapping
addresses (CVE-2024-26947)
* kernel: scsi: qla2xxx: Fix double free of the ha->vp_map pointer
(CVE-2024-26930)
* kernel: nouveau: lock the client object tree. (CVE-2024-27062)
* kernel: octeontx2-af: Use separate handlers for interrupts (CVE-2024-27030)
* kernel: vt: fix unicode buffer corruption when deleting characters
(CVE-2024-35823)
* kernel: netfilter: validate user input for expected length (CVE-2024-35896)
* kernel: mlxbf_gige: stop interface during shutdown (CVE-2024-35885)
* kernel: netfilter: complete validation of user input (CVE-2024-35962)
* kernel: scsi: libfc: Fix potential NULL pointer dereference in
fc_lport_ptp_setup() (CVE-2023-52809)
* kernel: i40e: fix vf may be used uninitialized in this function warning
(CVE-2024-36020)
* kernel: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation
(CVE-2024-36017)
* kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs
(CVE-2024-36929)
* kernel: drm/vmwgfx: Fix invalid reads in fence signaled events
(CVE-2024-36960)
* kernel: ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound
(CVE-2024-33621)
* kernel: blk-cgroup: fix list corruption from reorder of WRITE
->lqueued (CVE-2024-38384)
* kernel: blk-cgroup: fix list corruption from resetting io stat
(CVE-2024-38663)
* kernel: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (CVE-2023-52885)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
CVE-2022-48637: Use After Free (CWE-416)
CVE-2023-52458: NULL Pointer Dereference (CWE-476)
CVE-2023-52635: Missing Lock Check (CWE-414)
CVE-2023-52809: NULL Pointer Dereference (CWE-476)
CVE-2023-52885
CVE-2024-26601: Incorrect Access of Indexable Resource ('Range Error')
(CWE-118)
CVE-2024-26737: Use After Free (CWE-416)
CVE-2024-26930
CVE-2024-26947
CVE-2024-27030
CVE-2024-27062
CVE-2024-33621
CVE-2024-35823
CVE-2024-35885
CVE-2024-35896
CVE-2024-35962
CVE-2024-36017: Out-of-bounds Read (CWE-125)
CVE-2024-36020: Concurrent Execution using Shared Resource with Improper
Synchronization ('Race Condition') (CWE-362)
CVE-2024-36929: Untrusted Pointer Dereference (CWE-822)
CVE-2024-36960: Out-of-bounds Read (CWE-125)
CVE-2024-38384: Improper Control of Resource Identifiers ('Resource
Injection') (CWE-99)
CVE-2024-38663: Improper Initialization (CWE-665)
|
