Release Info

Advisory: CLSA-2025:1738672047

OS: CentOS 7 ELS

Public date: 2025-02-04 07:27:30

Project: kernel

Version: 3.10.0-1160.119.1.el7.tuxcare.els15

Errata link: https://errata.tuxcare.com/centos7-els/CLSA-2025-1738672047.html

Changelog

- drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() {CVE-2024-50282} - drm/amdgpu: fix usage slab after free {CVE-2024-56551} - Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() {CVE-2022-3640} - netfilter: ipset: add missing range check in bitmap_ip_uadt {CVE-2024-53141} - ceph: prevent use-after-free in encode_cap_msg() {CVE-2024-26689} - net: af_can: do not leave a dangling sk pointer in can_create() {CVE-2024-56603} - NFSv4.0: Fix a use-after-free problem in the asynchronous open() {CVE-2024-53173} - netfilter: x_tables: fix LED ID check in led_tg_check() {CVE-2024-56650} - scsi: bfa: Fix use-after-free in bfad_im_module_exit() {CVE-2024-53227} - af_packet: avoid erroring out after sock_init_data() in packet_create() {CVE-2024-56606} - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() {CVE-2024-56605} - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() {CVE-2024-53156} - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() {CVE-2024-56604} - initramfs: avoid filename buffer overrun {CVE-2024-53142} - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer {CVE-2024-53103}

Update

Update command: yum update kernel*

Packages list

bpftool-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm kernel-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm kernel-debug-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm kernel-debug-devel-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm kernel-devel-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm kernel-headers-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm kernel-tools-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm kernel-tools-libs-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm perf-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm python-perf-3.10.0-1160.119.1.el7.tuxcare.els15.x86_64.rpm

CVEs

CVE-2024-56603
CVE-2024-53141
CVE-2022-3640
CVE-2024-53142
CVE-2024-56604
CVE-2024-56650
CVE-2024-56551
CVE-2024-53103
CVE-2024-26689
CVE-2024-53173
CVE-2024-50282
CVE-2024-56605
CVE-2024-53227
CVE-2024-56606
CVE-2024-53156