Release Info

Advisory: CLSA-2024:1722977546

OS: CentOS 8.4 ELS

Public date: 2024-08-06 16:52:28

Project: kernel

Version: 4.18.0-305.25.1.el8_4.tuxcare.els18

Errata link: https://errata.tuxcare.com/els_os/centos8.4els/CLSA-2024-1722977546.html

Changelog

- ima: Fix use-after-free on a dentry's dname.name {CVE-2024-39494}
- ima: define ima_max_digest_data struct without a flexible array variable
- ima: detect changes to the backing overlay file
- tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). {CVE-2024-36904}
- af_unix: Fix garbage collector racing against connect() {CVE-2024-26923}
- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() {CVE-2024-26852}
- net/mlx5: Fix a race on command flush flow {CVE-2022-48858}
- sctp: fix kernel-infoleak for SCTP sockets {CVE-2022-48855}
- libbpf: Fix use-after-free in btf_dump_name_dups {CVE-2022-3534}
- net: fix __dst_negative_advice() race {CVE-2024-36971}
- ext4: fix kernel BUG in 'ext4_write_inline_data_end()' {CVE-2021-33631}
- tipc: fix UAF in error path {CVE-2024-36886}
- smb: client: fix parsing of SMB3.1.1 POSIX create context {CVE-2023-52434}
- smb: client: fix potential OOBs in smb2_parse_contexts() {CVE-2023-52434}
- perf: Disallow mis-matched inherited group reads {CVE-2023-5717}
- af_unix: Fix null-ptr-deref in unix_stream_sendpage(). {CVE-2023-4622}
- sched/rt: pick_next_rt_entity(): check list_entry {CVE-2023-1077}
- i2c: Fix a potential use after free {CVE-2019-25162}

Update

Update command: dnf update kernel*

Packages list

bpftool-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-core-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-cross-headers-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-debug-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-debug-core-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-debug-devel-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-debug-modules-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-debug-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-debug-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-devel-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-headers-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-ipaclones-internal-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-modules-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-selftests-internal-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-tools-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-tools-libs-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
kernel-tools-libs-devel-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
perf-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm
python3-perf-4.18.0-305.25.1.el8_4.tuxcare.els18.x86_64.rpm

CVEs

CVE-2023-52434
CVE-2024-36886
CVE-2022-48858
CVE-2023-5717
CVE-2024-26923
CVE-2022-48855
CVE-2022-3534
CVE-2024-26852
CVE-2023-4622
CVE-2024-36904
CVE-2019-25162
CVE-2024-39494
CVE-2023-1077
CVE-2024-36971
CVE-2021-33631