Advisory: CLSA-2024:1725876080
OS: CentOS 8.5 ELS
Public date: 2024-09-09 06:01:23
Project: kernel
Version: 4.18.0-348.7.1.el8_5.tuxcare.els19
Errata link: https://errata.tuxcare.com/els_os/centos8.5els/CLSA-2024-1725876080.html
- dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list {CVE-2024-40956} - userfaultfd: fix a race between writeprotect and exit_mmap() {CVE-2021-47461} - netfilter: nf_tables: use timestamp to check for set element timeout {CVE-2024-27397} - x86/sev: Harden #VC instruction emulation somewhat {CVE-2024-25742} - bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD {CVE-2024-42161} - selftests/bpf: Fix BPF_CORE_READ_BITFIELD() macro {CVE-2024-42161} - pinctrl: core: delete incorrect free in pinctrl_enable() {CVE-2024-36940} - pinctrl: core: fix possible memory leak in pinctrl_enable() {CVE-2024-36940} - net: fix information leakage in /proc/net/ptype {CVE-2022-48757} - wifi: mt76: replace skb_put with skb_put_zero {CVE-2024-42225} - ata: libata-core: Fix double free on error {CVE-2024-41087} - drm/amdgpu: add error handle to avoid out-of-bounds {CVE-2024-39471} - drm/amd/display: Fix potential index out of bounds in color transformation function {CVE-2024-38552} - net: sched: sch_multiq: fix possible OOB write in multiq_tune() {CVE-2024-36978} - drm/vmwgfx: Fix invalid reads in fence signaled events {CVE-2024-36960} - net/sched: flower: Fix chain template offload {CVE-2024-26669} - ipv6: Remove extra counter pull before gc {CVE-2023-52340} - ipv6: remove max_size check inline with ipv4 {CVE-2023-52340} - net/dst: use a smaller percpu_counter batch for dst entries accounting {CVE-2023-52340} - net: add a route cache full diagnostic message {CVE-2023-52340} - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg {CVE-2023-51779} - tcp_metrics: validate source addr length {CVE-2024-42154} - net: fix out-of-bounds access in ops_init {CVE-2024-36883} - tap: add missing verification for short frame {CVE-2024-41090} - tun: add missing verification for short frame {CVE-2024-41091} - iommu: Fix potential use-after-free during probe {CVE-2022-48796} - nvme: fix a possible use-after-free in controller reset during load {CVE-2022-48790} - nvme-tcp: fix possible use-after-free in transport error_recovery work {CVE-2022-48789} - nvme-rdma: fix possible use-after-free in transport error_recovery work {CVE-2022-48788} - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() {CVE-2024-26773} - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() {CVE-2024-26772} - ext4: fix double-free of blocks due to wrong extents moved_len {CVE-2024-26704} - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove {CVE-2024-26698} - ubi: Check for too small LEB size in VTBL code {CVE-2024-25739} - scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool {CVE-2023-52811} - arp: Prevent overflow in arp_req_get(). {CVE-2024-26733} - SUNRPC: Fix a suspicious RCU usage warning {CVE-2023-52623} - ext4: avoid online resizing failures due to oversized flex bg {CVE-2023-52622} - pstore/ram: Fix crash when setting number of cpus to an odd number {CVE-2023-52619} - wifi: mac80211: fix potential key use-after-free {CVE-2023-52530} - drm: Don't unref the same fb many times by mistake due to deadlock handling {CVE-2023-52486} - net: amd-xgbe: Fix skb data length underflow {CVE-2022-48743} - tracing: Restructure trace_clock_global() to never block {CVE-2021-46939} - tcp: make sure init the accept_queue's spinlocks once {CVE-2024-26614} - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc {CVE-2024-42228} - gfs2: Fix potential glock use-after-free on unmount {CVE-2024-38570} - gfs2: Rename sd_{ glock => kill }_wait {CVE-2024-38570} - gfs2: Use container_of() for gfs2_glock(aspace) {CVE-2024-38570} - gfs2: Remove ill-placed consistency check {CVE-2024-38570} - gfs2: introduce new gfs2_glock_assert_withdraw {CVE-2024-38570} - gfs2: simplify gdlm_put_lock with out_free label {CVE-2024-38570} - gfs2: Expect -EBUSY after canceling dlm locking requests {CVE-2024-38570} - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path {CVE-2024-26925} - netfilter: nft_limit: reject configurations that cause integer overflow {CVE-2024-26668} - sched/psi: Fix use-after-free in ep_remove_wait_queue() {CVE-2023-52707} - wait: add wake_up_pollfree() {CVE-2023-52707}
Update command: dnf update kernel*
bpftool-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-core-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-cross-headers-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-debug-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-debug-core-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-debug-devel-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-debug-modules-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-debug-modules-extra-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-debug-modules-internal-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-devel-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-headers-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-ipaclones-internal-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-modules-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-modules-extra-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-modules-internal-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-selftests-internal-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-tools-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-tools-libs-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm kernel-tools-libs-devel-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm perf-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm python3-perf-4.18.0-348.7.1.el8_5.tuxcare.els19.x86_64.rpm