Security: Multiple issues in Linux
| Name: |
Multiple issues in Linux |
|
| ID: |
RHSA-2025:4342 |
|
| Distribution: |
Red Hat |
|
| Platforms: |
Red Hat Enterprise Linux BaseOS EUS (v.9.4), Red Hat Enterprise Linux AppStream EUS (v.9.4), Red Hat CodeReady Linux Builder EUS (v.9.4), Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4), Red Hat Enterprise Linux Real Time EUS (v.9.4) |
|
| Date: |
Wed, 30 April 2025, 06:32 |
|
| References: |
https://access.redhat.com/security/cve/CVE-2024-35944
https://bugzilla.redhat.com/show_bug.cgi?id=2281817
https://bugzilla.redhat.com/show_bug.cgi?id=2293408
https://bugzilla.redhat.com/show_bug.cgi?id=2300508
https://access.redhat.com/security/cve/CVE-2024-42070
https://access.redhat.com/security/cve/CVE-2024-42301
https://access.redhat.com/security/cve/CVE-2024-26743
https://bugzilla.redhat.com/show_bug.cgi?id=2281255
https://bugzilla.redhat.com/show_bug.cgi?id=2281807
https://access.redhat.com/security/cve/CVE-2023-52528
https://bugzilla.redhat.com/show_bug.cgi?id=2305446
https://access.redhat.com/errata/RHSA-2025:4342
https://access.redhat.com/security/cve/CVE-2024-38581
https://bugzilla.redhat.com/show_bug.cgi?id=2282680
https://bugzilla.redhat.com/show_bug.cgi?id=2273262
https://access.redhat.com/security/cve/CVE-2024-42114
https://access.redhat.com/security/cve/CVE-2024-36004
https://access.redhat.com/security/cve/CVE-2024-35853
https://bugzilla.redhat.com/show_bug.cgi?id=2301477
https://access.redhat.com/security/cve/CVE-2024-35939
https://bugzilla.redhat.com/show_bug.cgi?id=2267789
https://access.redhat.com/security/cve/CVE-2023-52878
https://bugzilla.redhat.com/show_bug.cgi?id=2281953 |
|
| Applications: |
Linux |
|
Original message |
An update for kernel is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (CVE-2023-52528)
* kernel: RDMA/qedr: Fix qedr_create_user_qp error flow (CVE-2024-26743)
* kernel: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (CVE-2024-35853)
* kernel: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() (CVE-2024-35944)
* kernel: dma-direct: Leak pages on dma_set_decrypted() failure (CVE-2024-35939)
* kernel: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (CVE-2024-36004)
* kernel: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds (CVE-2023-52878)
* kernel: drm/amdgpu/mes: fix use-after-free issue (CVE-2024-38581)
* kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (CVE-2024-42070)
* kernel: wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (CVE-2024-42114)
* kernel: dev/parport: fix the array out-of-bounds risk (CVE-2024-42301)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
* CVE-2023-52528: Unchecked Return Value (CWE-252)
* CVE-2023-52878: Out-of-bounds Read (CWE-125)
* CVE-2024-26743: Incomplete Cleanup (CWE-459)
* CVE-2024-35853
* CVE-2024-35939
* CVE-2024-35944
* CVE-2024-36004
* CVE-2024-38581
* CVE-2024-42070: Exposure of Sensitive Information to an Unauthorized Actor (CWE-200)
* CVE-2024-42114: Uncontrolled Resource Consumption (CWE-400)
* CVE-2024-42301
|