Release Info

Advisory: CLSA-2024:1728297376

OS: CentOS 6 ELS

Public date: 2024-10-07 06:36:18

Project: kernel

Version: 2.6.32-754.35.8.el6.tuxcare.els18

Errata link: https://errata.cloudlinux.com/els6/CLSA-2024-1728297376.html

Changelog

- btrfs: fix use-after-free after failure to create a snapshot {CVE-2022-48733} - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes {CVE-2024-46757} - wifi: mac80211: Avoid address calculations via out of bounds array indexing {CVE-2024-41071} - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one {CVE-2023-39197} - ipv6: prevent UAF in ip6_send_skb() {CVE-2024-44987} - exec: Fix ToCToU between perm check and set-uid/gid usage {CVE-2024-43882} - dm btree remove: fix use after free in rebalance_children() {CVE-2021-47600} - isdn: cpai: check ctr->cnr to avoid array index out of bound {CVE-2021-4439} - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() {CVE-2021-47576} - igbvf: fix double free in `igbvf_probe` {CVE-2021-47589} - mISDN: Fix a use after free in hfcmulti_tx() {CVE-2024-42280} - dev/parport: fix the array out-of-bounds risk {CVE-2024-42301} - scsi: aacraid: Fix double-free on probe failure {CVE-2024-46673}

Update

Update command: yum update kernel*

Packages list

kernel-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els18.noarch.rpm kernel-debug-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els18.i686.rpm kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm kernel-devel-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm kernel-doc-2.6.32-754.35.8.el6.tuxcare.els18.noarch.rpm kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els18.noarch.rpm kernel-headers-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm perf-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm python-perf-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm

CVEs

CVE-2024-46757
CVE-2021-47589
CVE-2024-43882
CVE-2023-39197
CVE-2021-47576
CVE-2024-46673
CVE-2024-41071
CVE-2024-42301
CVE-2021-4439
CVE-2024-44987
CVE-2021-47600
CVE-2024-42280
CVE-2022-48733