RHEL 9 : kernel (RHSA-2024:9315)

high Nessus Plugin ID 210815

Language:

Synopsis

The remote Red Hat host is missing one or more security updates for kernel.

Description

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9315 advisory.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: bluetooth: BR/EDR Bluetooth Impersonation Attacks (BIAS) (CVE-2020-10135)

* kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2024-0340)

* kernel: use-after-free in cec_queue_msg_fh (CVE-2024-23848)

* kernel: stack overflow problem in Open vSwitch kernel module leading to DoS (CVE-2024-1151)

* kernel: crash due to a missing check for leb_size (CVE-2024-25739)

* kernel: bpf: Fix re-attachment branch in bpf_tracing_prog_attach (CVE-2024-26591)

* kernel: powerpc: Fix access beyond end of drmem array (CVE-2023-52451)

* kernel: pvrusb2: fix use after free on context disconnection (CVE-2023-52445)

* kernel: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS (CVE-2024-26589)

* kernel: iommu: Don't reserve 0-length IOVA region (CVE-2023-52455)

* kernel: bpf: fix check for attempt to corrupt spilled pointer (CVE-2023-52462)

* kernel: EDAC/thunderx: Incorrect buffer size in drivers/edac/thunderx_edac.c (CVE-2023-52464)

* kernel: PCI/ASPM: Fix deadlock when enabling ASPM (CVE-2024-26605)

* kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer that cause loop forever (CVE-2024-26603)

* kernel: ext4: regenerate buddy after block freeing failed if under fc replay (CVE-2024-26601)

* kernel: out-of-bounds read in pci_dev_for_each_resource() (CVE-2023-52466)

* kernel:null pointer dereference in of_syscon_register() (CVE-2023-52467)

* kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set() (CVE-2024-24857)

* kernel: net/bluetooth: race condition in {conn,adv}_{min,max}_interval_set() function (CVE-2024-24858)

* kernel: use after free in i2c (CVE-2019-25162)

* kernel: NULL pointer dereference in zone registration error path (CVE-2023-52473)

* kernel: use-after-free in powermate_config_complete (CVE-2023-52475)

* kernel: x86/srso: Add SRSO mitigation for Hygon processors (CVE-2023-52482)

* kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors (CVE-2023-52477)

* kernel: NULL Pointer dereference bluetooth allows Overflow Buffers (CVE-2024-22099)

* kernel: Integer Overflow in raid5_cache_count (CVE-2024-23307)

* kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu() (CVE-2023-52565)

* kernel: mm/damon/vaddr-test: memory leak in damon_do_test_apply_three_regions() (CVE-2023-52560)

* kernel: ring-buffer: Do not attempt to read past commit (CVE-2023-52501)

* kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (CVE-2023-52528)

* kernel: platform/x86: think-lmi: Fix reference leak (CVE-2023-52520)

* kernel: RDMA/siw: Fix connection failure handling (CVE-2023-52513)

* kernel: asix: fix uninit-value in asix_mdio_read() (CVE-2021-47101)

* kernel: hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations (CVE-2021-47098)

* kernel: powerpc/lib: Validate size for vector operations (CVE-2023-52606)

* kernel: wifi: rt2x00: restart beacon queue when hardware reset (CVE-2023-52595)

* kernel: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (CVE-2023-52594)

* kernel: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() (CVE-2023-52585)

* kernel: PM: sleep: Fix possible deadlocks in core system-wide PM code (CVE-2023-52498)

* kernel: dmaengine: fix NULL pointer in channel unregistration function (CVE-2023-52492)

* kernel: mm: migrate: fix getting incorrect page mapping during page migration (CVE-2023-52490)

* hw: arm64/sme: Always exit sme_alloc() early with existing storage (CVE-2024-26618)

* kernel: netfs, fscache: Prevent Oops in fscache_put_cache() (CVE-2024-26612)

* kernel: xsk: fix usage of multi-buffer BPF helpers for ZC XDP (CVE-2024-26611)

* kernel: tcp: make sure init the accept_queue's spinlocks once (CVE-2024-26614)

* kernel: PM / devfreq: Fix buffer overflow in trans_stat_show (CVE-2023-52614)

* kernel: pstore/ram: Fix crash when setting number of cpus to an odd number (CVE-2023-52619)

* kernel: hwrng: core - Fix page fault dead lock on mmap-ed hwrng (CVE-2023-52615)

* kernel: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (CVE-2024-26641)

* kernel: nbd: always initialize struct msghdr completely (CVE-2024-26638)

* kernel: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work (CVE-2024-26631)

* kernel: tracing: Ensure visibility when inserting an element into tracing_map (CVE-2024-26645)

* kernel: drm/amd/display: Refactor DMCUB enter/exit idle interface (CVE-2023-52625)

* kernel: drm/amd/display: Wake DMCUB before executing GPINT commands (CVE-2023-52624)

* kernel: ext4: avoid online resizing failures due to oversized flex bg (CVE-2023-52622)

* kernel: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers (CVE-2023-52621)

* kernel: thermal: intel: hfi: Add syscore callbacks for system-wide PM (CVE-2024-26646)

* kernel: p2sb_bar() calls during PCI device probe (CVE-2024-26650)

* kernel: drm/amdgpu: use-after-free vulnerability (CVE-2024-26656)

* kernel: drm/amd/display: Implement bounds check for stream encoder creation in DCN301 (CVE-2024-26660)

* kernel: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' (CVE-2024-26661)

* kernel: drm/amd/display: 'panel_cntl' could be null in 'dcn21_set_backlight_level()' (CVE-2024-26662)

* kernel: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (CVE-2024-26663)

* kernel: hwmon: (coretemp) Fix out-of-bounds memory access (CVE-2024-26664)

* kernel: net/sched: flower: Fix chain template offload (CVE-2024-26669)

* kernel: arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD (CVE-2024-26670)

* kernel: drm/amdkfd: lock dependency warning with srcu (CVE-2023-52632)

* kernel: drm/amd/display: Fix disable_otg_wa logic (CVE-2023-52634)

* kernel: PM / devfreq: Synchronize devfreq_monitor_[start/stop] (CVE-2023-52635)

* kernel: drm/amdgpu: variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()' (CVE-2024-26672)

* kernel: x86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups (CVE-2024-26674)

* kernel: ppp_async: limit MRU to 64K (CVE-2024-26675)

* kernel: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section (CVE-2024-26678)

* kernel: inet: read sk->sk_family once in inet_recv_error() (CVE-2024-26679)

* kernel: net: atlantic: Fix DMA mapping for PTP hwts ring (CVE-2024-26680)

* kernel: can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) (CVE-2023-52637)

* kernel: KVM: arm64: Fix circular locking dependency (CVE-2024-26691)

* kernel: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats (CVE-2024-26686)

* kernel: drm/amd/display: Fix MST Null Ptr for RV (CVE-2024-26700)

* kernel: dpll: fix possible deadlock during netlink dump operation (CVE-2024-26725)

* kernel: nouveau: offload fence uevents work to workqueue (CVE-2024-26719)

* kernel: HID: i2c-hid-of: fix NULL-deref on failed power up (CVE-2024-26717)

* kernel: powerpc/kasan: Fix addr error caused by page alignment (CVE-2024-26712)

* kernel: mptcp: really cope with fastopen race (CVE-2024-26708)

* kernel: net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() (CVE-2024-26707)

* kernel: ext4: fix double-free of blocks due to wrong extents moved_len (CVE-2024-26704)

* kernel: drm/amd/display: fixed integer types and null check locations (CVE-2024-26767)

* kernel: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window (CVE-2024-26761)

* kernel: mm/swap: fix race when skipping swapcache (CVE-2024-26759)

* kernel: md: Don't ignore suspended array in md_check_recovery() (CVE-2024-26758)

* kernel: md: Don't ignore read-only array in md_check_recovery() (CVE-2024-26757)

* kernel: ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt (CVE-2024-26774)

* kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (CVE-2024-26772)

* kernel: arp: Prevent overflow in arp_req_get(). (CVE-2024-26733)

* kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter (CVE-2024-26744)

* kernel: RDMA/qedr: Fix qedr_create_user_qp error flow (CVE-2024-26743)

* kernel: net/sched: act_mirred: use the backlog for mirred ingress (CVE-2024-26740)

* kernel: dmaengine: idxd: Ensure safe user copy of completion record (CVE-2024-26746)

* kernel: net: veth: clear GRO when clearing XDP even when down (CVE-2024-26803)

* kernel: iommufd: Fix iopt_access_list_id overwrite bug (CVE-2024-26786)

* kernel: iommufd: Fix protection fault in iommufd_test_syz_conv_iova (CVE-2024-26785)

* kernel: mptcp: fix double-free on socket dismantle (CVE-2024-26782)

* kernel: vfio/pci: Create persistent INTx handler (CVE-2024-26812)

* kernel: vfio/pci: Disable auto-enable of exclusive INTx IRQ (CVE-2024-27437)

* kernel: net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check (CVE-2024-26815)

* kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc (CVE-2021-47185)

* kernel: nvme-fc: do not wait in vain when unloading module (CVE-2024-26846)

* kernel: efi: runtime: Fix potential overflow of soft-reserved region size (CVE-2024-26843)

* kernel: cachefiles: fix memory leak in cachefiles_add_cache() (CVE-2024-26840)

* kernel: RDMA/irdma: Fix KASAN issue with tasklet (CVE-2024-26838)

* kernel: net: bridge: switchdev: Skip MDB replays of deferred events on offload (CVE-2024-26837)

* kernel: netfilter: nf_tables: set dormant flag on hook register failure (CVE-2024-26835)

* kernel: iio: core: fix memleak in iio_device_register_sysfs (CVE-2023-52643)

* kernel: RDMA/mlx5: Fix fortify source warning while accessing Eth segment (CVE-2024-26907)

* kernel: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (CVE-2024-26906)

* kernel: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (CVE-2024-26903)

* kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak (CVE-2024-26901)

* kernel: md: fix kmemleak of rdev->serial (CVE-2024-26900)

* kernel: block: fix deadlock between bd_link_disk_holder and partition scan (CVE-2024-26899)

* kernel: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() (CVE-2024-26894)

* kernel: wifi: mt76: mt7921e: fix use-after-free in free_irq() (CVE-2024-26892)

* kernel: Bluetooth: btrtl: fix out of bounds memory access (CVE-2024-26890)

* kernel: Bluetooth: hci_core: Fix possible buffer overflow (CVE-2024-26889)

* kernel: net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() (CVE-2024-26882)

* kernel: quota: Fix potential NULL pointer dereference (CVE-2024-26878)

* kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup (CVE-2024-26872)

* kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (CVE-2024-26870)

* kernel: hsr: Fix uninit-value access in hsr_get_node() (CVE-2024-26863)

* kernel: packet: annotate data-races around ignore_outgoing (CVE-2024-26862)

* kernel: wireguard: receive: annotate data-race around receiving_counter.counter (CVE-2024-26861)

* kernel: geneve: make sure to pull inner header in geneve_rx() (CVE-2024-26857)

* kernel: tracing/trigger: Fix to return error if failed to alloc snapshot (CVE-2024-26920)

* kernel: drm/amdgpu: Reset IH OVERFLOW_CLEAR bit (CVE-2024-26915)

* kernel: inet: inet_defrag: prevent sk release while still in use (CVE-2024-26921)

* kernel: drm/amdgpu: validate the parameters of bo mapping operations more clearly (CVE-2024-26922)

* kernel: netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)

* kernel: ASoC: SOF: Add some bounds checking to firmware data (CVE-2024-26927)

* kernel: smb: client: potential use-after-free in cifs_debug_files_proc_show() (CVE-2024-26928)

* kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma (CVE-2024-26964)

* kernel: dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape (CVE-2024-26962)

* kernel: mm: swap: fix race between free_swap_and_cache() and swapoff() (CVE-2024-26960)

* kernel: nfs: fix UAF in direct writes (CVE-2024-26958)

* kernel: net: esp: fix bad handling of pages from page_pool (CVE-2024-26953)

* kernel: wireguard: netlink: check for dangling peer via is_dead instead of empty list (CVE-2024-26951)

* kernel: wireguard: netlink: access device through ctx instead of peer (CVE-2024-26950)

* kernel: drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (CVE-2024-26940)

* kernel: drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939)

* kernel: drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (CVE-2024-26938)

* kernel: drm/i915/gt: Reset queue_priority_hint on parking (CVE-2024-26937)

* kernel: USB: core: Fix deadlock in usb_deauthorize_interface() (CVE-2024-26934)

* kernel: USB: core: Fix deadlock in port disable sysfs attribute (CVE-2024-26933)

* kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump (CVE-2024-27017)

* kernel: netfilter: flowtable: incorrect pppoe tuple (CVE-2024-27015)

* kernel: net/mlx5e: Prevent deadlock while disabling aRFS (CVE-2024-27014)

* kernel: tun: limit printing rate when illegal packet received by tun dev (CVE-2024-27013)

* kernel: netfilter: nf_tables: restore set elements when delete set fails (CVE-2024-27012)

* kernel: netfilter: nf_tables: fix memleak in map from abort path (CVE-2024-27011)

* kernel: net/sched: Fix mirred deadlock on device recursion (CVE-2024-27010)

* kernel: clk: Get runtime PM before walking tree during disable_unused (CVE-2024-27004)

* kernel: clk: Get runtime PM before walking tree for clk_summary (CVE-2024-27003)

* kernel: KVM: x86/pmu: Disable support for adaptive PEBS (CVE-2024-26992)

* kernel: KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status (CVE-2024-26990)

* kernel: arm64: hibernate: Fix level3 translation fault in swsusp_save() (CVE-2024-26989)

* kernel: init/main.c: Fix potential static_command_line memory overflow (CVE-2024-26988)

* kernel: mm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled (CVE-2024-26987)

* kernel: nouveau: fix instmem race condition around ptr stores (CVE-2024-26984)

* kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed (CVE-2024-26976)

* kernel: powercap: intel_rapl: Fix a NULL pointer dereference (CVE-2024-26975)

* kernel: fat: fix uninitialized field in nostale filehandles (CVE-2024-26973)

* kernel: nouveau: lock the client object tree. (CVE-2024-27062)

* kernel: ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend (CVE-2024-27057)

* kernel: wifi: brcm80211: handle pmk_op allocation failure (CVE-2024-27048)

* kernel: drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()' (CVE-2024-27042)

* kernel: clk: Fix clk_core_get NULL dereference (CVE-2024-27038)

* kernel: nbd: null check for nla_nest_start (CVE-2024-27025)

* kernel: md: Fix missing release of 'active_io' for flush (CVE-2024-27023)

* kernel: iommu/vt-d: Fix NULL domain on device release (CVE-2024-27079)

* kernel: drm/tegra: dsi: Add missing check for of_find_device_by_node (CVE-2023-52650)

* kernel: drm/vkms: Avoid reading beyond LUT array (CVE-2023-52649)

* kernel: pstore: inode: Only d_invalidate() is needed (CVE-2024-27389)

* kernel: powerpc/pseries: Fix potential memleak in papr_get_attr() (CVE-2022-48669)

* kernel: drm/vmwgfx: Unmap the surface before resetting it on a plane state (CVE-2023-52648)

* kernel: of: fdt: fix off-by-one error in unflatten_dt_nodes() (CVE-2022-48672)

* kernel: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR (CVE-2022-48703)

* kernel: net: openvswitch: Fix Use-After-Free in ovs_ct_exit (CVE-2024-27395)

* kernel: io_uring: drop any code related to SCM_RIGHTS (CVE-2023-52656)

* kernel: dm-raid: really frozen sync_thread during suspend (CVE-2024-35794)

* kernel: md/md-bitmap: fix incorrect usage for sb_index (CVE-2024-35787)

* kernel: cpumap: Zero-initialise xdp_rxq_info struct before running XDP program (CVE-2024-27431)

* kernel: rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back (CVE-2024-27414)

* kernel: wifi: nl80211: reject iftype change with mesh ID change (CVE-2024-27410)

* kernel: mptcp: fix data races on remote_id (CVE-2024-27404)

* kernel: ALSA: usb-audio: Stop parsing channels bits when all channels are found. (CVE-2024-27436)

* kernel: x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type (CVE-2023-52659)

* kernel: drm/amdgpu: fix deadlock while reading mqd from debugfs (CVE-2024-35795)

* kernel: wifi: mac80211: fix potential sta-link leak (CVE-2024-35838)

* kernel: net/mlx5e: fix a double-free in arfs_create_groups (CVE-2024-35835)

* kernel: io_uring: Fix release of pinned pages when __io_uaddr_map fails (CVE-2024-35831)

* kernel: io_uring/net: fix overflow check in io_recvmsg_mshot_prep() (CVE-2024-35827)

* kernel: misc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on suspend/resume (CVE-2024-35824)

* kernel: usb: udc: remove warning when queue disabled ep (CVE-2024-35822)

* kernel: drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (CVE-2024-35817)

* kernel: swiotlb: Fix double-allocation of slots due to broken alignment handling (CVE-2024-35814)

* kernel: usb: cdc-wdm: close race between read and workqueue (CVE-2024-35812)

* kernel: drm/vmwgfx: Fix the lifetime of the bo cursor memory (CVE-2024-35810)

* kernel: PCI/PM: Drain runtime-idle callbacks before driver removal (CVE-2024-35809)

* kernel: md/dm-raid: don't call md_reap_sync_thread() directly (CVE-2024-35808)

* kernel: ext4: fix corruption during on-line resize (CVE-2024-35807)

* kernel: dm snapshot: fix lockup in dm_exception_table_exit (CVE-2024-35805)

* kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (CVE-2024-35801)

* kernel: block: fix module reference leakage from bdev_open_by_dev error path (CVE-2024-35859)

* kernel: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update (CVE-2024-35855)

* kernel: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash (CVE-2024-35854)

* kernel: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (CVE-2024-35853)

* kernel: irqchip/gic-v3-its: Prevent double free on error (CVE-2024-35847)

* kernel: iommu/vt-d: Use device rbtree in iopf reporting path (CVE-2024-35843)

* kernel: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (CVE-2024-35840)

* kernel: calipso: fix memory leak in netlbl_calipso_add_pass() (CVE-2023-52698)

* kernel: ASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx->headset_codec_dev = NULL (CVE-2023-52697)

* kernel: powerpc/powernv: Add a null pointer check in opal_powercap_init() (CVE-2023-52696)

* kernel: powerpc/powernv: Add a null pointer check to scom_debug_init_one() (CVE-2023-52690)

* kernel: ALSA: scarlett2: Add missing mutex lock around get meter levels (CVE-2023-52689)

* kernel: powerpc/powernv: Add a null pointer check in opal_event_init() (CVE-2023-52686)

* kernel: ACPI: LPIT: Avoid u32 multiplication overflow (CVE-2023-52683)

* kernel: ALSA: scarlett2: Add missing error checks to *_ctl_get() (CVE-2023-52680)

* kernel: of: Fix double free in of_parse_phandle_with_args_map (CVE-2023-52679)

* kernel: bpf: Guard stack limits against 32bit overflow (CVE-2023-52676)

* kernel: ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() (CVE-2023-52674)

* kernel: net: atlantic: eliminate double free in error handling logic (CVE-2023-52664)

* kernel: ASoC: SOF: amd: Fix memory leak in amd_sof_acp_probe() (CVE-2023-52663)

* kernel: drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (CVE-2023-52662)

* kernel: drm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() (CVE-2023-52661)

* kernel: dyndbg: fix old BUG_ON in >control parser (CVE-2024-35947)

* kernel: drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init() (CVE-2024-35928)

* kernel: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (CVE-2024-35930)

* kernel: drm/amdgpu: Skip do PCI error slot reset during RAS recovery (CVE-2024-35931)

* kernel: drm: Check output polling initialized before disabling (CVE-2024-35927)

* kernel: wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF (CVE-2024-35913)

* kernel: wifi: iwlwifi: mvm: rfi: fix potential response leaks (CVE-2024-35912)

* kernel: tls: get psock ref after taking rxlock to avoid leak (CVE-2024-35908)

* kernel: bpf: Protect against int overflow for stack access size (CVE-2024-35905)

* kernel: selinux: avoid dereference of garbage after mount failure (CVE-2024-35904)

* kernel: netfilter: nf_tables: reject new basechain after table flag update (CVE-2024-35900)

* kernel: mptcp: prevent BPF accessing lowat from a subflow socket. (CVE-2024-35894)

* kernel: net/sched: fix lockdep splat in qdisc_tree_reduce_backlog() (CVE-2024-35892)

* kernel: erspan: make sure erspan_base_hdr is present in skb->head (CVE-2024-35888)

* kernel: ipv6: Fix infinite recursion in fib6_dump_done(). (CVE-2024-35886)

* kernel: io_uring/kbuf: hold io_buffer_list reference over mmap (CVE-2024-35880)

* kernel: of: module: prevent NULL pointer dereference in vsnprintf() (CVE-2024-35878)

* kernel: x86/mm/pat: fix VM_PAT handling in COW mappings (CVE-2024-35877)

* kernel: x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (CVE-2024-35876)

* kernel: mm/secretmem: fix GUP-fast succeeding on secretmem folios (CVE-2024-35872)

* kernel: smb: client: guarantee refcounted children from parent session (CVE-2024-35869)

* kernel: block: prevent division by zero in blk_rq_stat_sum() (CVE-2024-35925)

* kernel: smb: client: fix potential UAF in cifs_stats_proc_show() (CVE-2024-35867)

* kernel: usb: typec: ucsi: Limit read size on v1.2 (CVE-2024-35924)

* kernel: smb: client: fix potential UAF in cifs_dump_full_key() (CVE-2024-35866)

* kernel: io_uring: clear opcode specific data for an early failure (CVE-2024-35923)

* kernel: smb: client: fix potential UAF in smb2_is_valid_oplock_break() (CVE-2024-35865)

* kernel: smb: client: fix potential UAF in smb2_is_valid_lease_break() (CVE-2024-35864)

* kernel: smb: client: fix potential UAF in is_valid_oplock_break() (CVE-2024-35863)

* kernel: smb: client: fix potential UAF in smb2_is_network_name_deleted() (CVE-2024-35862)

* kernel: randomize_kstack: Improve entropy diffusion (CVE-2024-35918)

* kernel: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() (CVE-2024-35861)

* kernel: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() (CVE-2024-35944)

* kernel: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain (CVE-2024-35942)

* kernel: dma-direct: Leak pages on dma_set_decrypted() failure (CVE-2024-35939)

* kernel: wifi: ath11k: decrease MHI channel buffer length to 8KB (CVE-2024-35938)

* kernel: wifi: rtw89: fix null pointer access when abort scan (CVE-2024-35946)

* kernel: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue (CVE-2024-35991)

* kernel: bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS (CVE-2024-35983)

* kernel: raid1: fix use-after-free for original bio in raid1_write_request() (CVE-2024-35979)

* kernel: xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (CVE-2024-35976)

* kernel: geneve: fix header validation in geneve[6]_xmit_skb (CVE-2024-35973)

* kernel: net/mlx5e: Fix mlx5e_priv_init() cleanup flow (CVE-2024-35959)

* kernel: iommu/vt-d: Fix WARN_ON in iommu probe path (CVE-2024-35957)

* kernel: scsi: sg: Avoid sg device teardown race (CVE-2024-35954)

* kernel: drm/ast: Fix soft lockup (CVE-2024-35952)

* kernel: drm/client: Fully protect modes[] with dev->mode_config.mutex (CVE-2024-35950)

* kernel: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage (CVE-2024-36006)

* kernel: ACPI: CPPC: Use access_width over bit_width for system memory accesses (CVE-2024-35995)

* kernel: powerpc/64s: Fix unrecoverable MCE calling async handler from NMI (CVE-2021-47429)

* kernel: powerpc/64s: fix program check interrupt emergency stack path (CVE-2021-47428)

* kernel: hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47386)

* kernel: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47384)

* kernel: lib/generic-radix-tree.c: Don't overflow in peek() (CVE-2021-47432)

* kernel: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path (CVE-2023-52703)

* kernel: pstore/platform: Add check for kstrdup (CVE-2023-52869)

* kernel: virtio-blk: fix implicit overflow on virtio_max_dma_size (CVE-2023-52762)

* kernel: nbd: fix uaf in nbd_open (CVE-2023-52837)

* kernel: mmc: sdio: fix possible resource leaks in some error paths (CVE-2023-52730)

* kernel: smb: client: fix potential deadlock when releasing mids (CVE-2023-52757)

* kernel: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga (CVE-2023-52819)

* kernel: i915/perf: Fix NULL deref bugs with drm_dbg() calls (CVE-2023-52788)

* kernel: crypto: pcrypt - Fix hungtask for PADATA_RESET (CVE-2023-52813)

* kernel: drm/amdgpu: Fix potential null pointer derefernce (CVE-2023-52814)

* kernel: drm/radeon: possible buffer overflow (CVE-2023-52867)

* kernel: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (CVE-2023-52817)

* kernel: spi: Fix null dereference on suspend (CVE-2023-52749)

* kernel: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds (CVE-2023-52878)

* kernel: net/smc: avoid data corruption caused by decline (CVE-2023-52775)

* kernel: cpu/hotplug: Don't offline the last non-isolated CPU (CVE-2023-52831)

* kernel: powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch (CVE-2023-52740)

* kernel: pwm: Fix double shift bug (CVE-2023-52756)

* kernel: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool (CVE-2023-52811)

* kernel: atl1c: Work around the DMA RX overflow issue (CVE-2023-52834)

* kernel: perf: hisi: Fix use-after-free when register pmu fails (CVE-2023-52859)

* kernel: i2c: dev: copy userspace array safely (CVE-2023-52758)

* kernel: smb: client: fix use-after-free in smb2_query_info_compound() (CVE-2023-52751)

* kernel: Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() (CVE-2023-52840)

* kernel: Bluetooth: btusb: Add date->evt_skb is NULL check (CVE-2023-52833)

* kernel: i2c: core: Run atomic i2c xfer when !preemptible (CVE-2023-52791)

* kernel: bonding: stop the device in bond_setup_by_slave() (CVE-2023-52784)

* kernel: fbdev: Fix invalid page access after closing deferred I/O devices (CVE-2023-52731)

* kernel: can: isotp: isotp_sendmsg(): add result check for wait_event_interruptible() (CVE-2021-47457)

* kernel: powerpc/smp: do not decrement idle task preempt count in CPU offline (CVE-2021-47454)

* kernel: nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells (CVE-2021-47497)

* kernel: usbnet: sanity check for maxpacket (CVE-2021-47495)

* kernel: igb: Fix string truncation warnings in igb_set_fw_version (CVE-2024-36010)

* kernel: aio: fix use-after-free due to missing POLLFREE handling (CVE-2021-47505)

* kernel: ppdev: Add an error check in register_device (CVE-2024-36015)

* kernel: drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() (CVE-2024-36885)

* kernel: iommu/arm-smmu: Use the correct type in nvidia_smmu_context_fault() (CVE-2024-36884)

* kernel: mm: use memalloc_nofs_save() in page_cache_ra_order() (CVE-2024-36882)

* kernel: mm/userfaultfd: reset ptes when close() for wr-protected ones (CVE-2024-36881)

* kernel: octeontx2-af: fix the double free in rvu_npc_freemem() (CVE-2024-36030)

* kernel: keys: Fix overwrite of key expiration on instantiation (CVE-2024-36031)

* kernel: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (CVE-2024-36028)

* kernel: drm/amdgpu: Init zone device and drm client after mode-1 reset on reload (CVE-2024-36022)

* kernel: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (CVE-2024-36945)

* kernel: Reapply drm/qxl: simplify qxl_fence_wait (CVE-2024-36944)

* kernel: pinctrl: core: delete incorrect free in pinctrl_enable() (CVE-2024-36940)

* kernel: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment().
(CVE-2024-36933)

* kernel: thermal/debugfs: Prevent use-after-free from occurring after cdev removal (CVE-2024-36932)

* kernel: spi: fix null pointer dereference within spi_sync (CVE-2024-36930)

* kernel: ipv4: Fix uninit-value access in __ip_make_skb() (CVE-2024-36927)

* kernel: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE (CVE-2024-36926)

* kernel: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING (CVE-2024-36920)

* kernel: block: fix overflow in blk_ioctl_discard() (CVE-2024-36917)

* kernel: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (CVE-2024-36905)

* kernel: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (CVE-2024-36902)

* kernel: USB: core: Fix access violation during port device removal (CVE-2024-36896)

* kernel: maple_tree: fix mas_empty_area_rev() null pointer dereference (CVE-2024-36891)

* kernel: thermal/debugfs: Free all thermal zone debug memory on zone removal (CVE-2024-36956)

* kernel: ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (CVE-2024-36955)

* kernel: nfs: Handle error of rpc_proc_register() in nfs_net_init(). (CVE-2024-36939)

* kernel: ipv6: prevent NULL dereference in ip6_output() (CVE-2024-36901)

* kernel: thermal/debugfs: Fix two locking issues with thermal zone debug (CVE-2024-36961)

* kernel: drm/vmwgfx: Fix invalid reads in fence signaled events (CVE-2024-36960)

* kernel: KEYS: trusted: Fix memory leak in tpm2_key_encode() (CVE-2024-36967)

* kernel: usb: dwc3: Wait unconditionally after issuing EndXfer command (CVE-2024-36977)

* kernel: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (CVE-2024-36974)

* kernel: ALSA: timer: Set lower bound of start tick time (CVE-2024-38618)

* kernel: ALSA: core: Fix NULL module pointer assignment at card init (CVE-2024-38605)

* kernel: block: refine the EOF check in blkdev_iomap_begin (CVE-2024-38604)

* kernel: ALSA: Fix deadlocks with kctl removals at disconnection (CVE-2024-38600)

* kernel: md: fix resync softlockup when bitmap size is less than array size (CVE-2024-38598)

* kernel: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (CVE-2024-38596)

* kernel: drm/amdgpu/mes: fix use-after-free issue (CVE-2024-38581)

* kernel: net/mlx5: Discard command completions in internal error (CVE-2024-38555)

* kernel: tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (CVE-2024-36477)

* kernel: ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (CVE-2024-38388)

* kernel: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (CVE-2024-31076)

* kernel: soundwire: cadence: fix invalid PDI offset (CVE-2024-38635)

* kernel: vfio/pci: fix potential memory leak in vfio_intx_enable() (CVE-2024-38632)

* kernel: dmaengine: idxd: Avoid unnecessary destruction of file_ida (CVE-2024-38629)

* kernel: stm class: Fix a double free in stm_register_device() (CVE-2024-38627)

* kernel: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() (CVE-2024-39291)

* kernel: mm/memory-failure: fix handling of dissolved but not taken off from buddy pages (CVE-2024-39298)

* kernel: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (CVE-2024-39276)

* kernel: drm/amdgpu: add error handle to avoid out-of-bounds (CVE-2024-39471)

* kernel: drm/i915/hwmon: Get rid of devm (CVE-2024-39479)

* kernel: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension (CVE-2024-39473)

* kernel: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL (CVE-2024-39474)

* kernel: efi/unaccepted: touch soft lockup during memory accept (CVE-2024-36936)

* kernel: drm/drm_file: Fix pid refcounting race (CVE-2024-39486)

* kernel: arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (CVE-2024-39488)

* kernel: ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance (CVE-2024-39491)

* kernel: drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (CVE-2024-39497)

* kernel: drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2 (CVE-2024-39498)

* kernel: vmci: prevent speculation leaks by sanitizing event in event_deliver() (CVE-2024-39499)

* kernel: drivers: core: synchronize really_probe() and dev_uevent() (CVE-2024-39501)

* kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (CVE-2024-39503)

* kernel: io_uring/io-wq: Use set_bit() and test_bit() at worker->flags (CVE-2024-39508)

* kernel: usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (CVE-2024-40903)

* kernel: net/mlx5: Always stop health timer during driver removal (CVE-2024-40906)

* kernel: ionic: fix kernel panic in XDP_TX action (CVE-2024-40907)

* kernel: cachefiles: defer exposing anon_fd until after copy_to_user() succeeds (CVE-2024-40913)

* kernel: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (CVE-2024-40919)

* kernel: io_uring/rsrc: don't lock while !TASK_RUNNING (CVE-2024-40922)

* kernel: vmxnet3: disable rx data ring on dma allocation failure (CVE-2024-40923)

* kernel: drm/i915/dpt: Make DPT object unshrinkable (CVE-2024-40924)

* kernel: block: fix request.queuelist usage in flush (CVE-2024-40925)

* kernel: wifi: cfg80211: validate HE operation element parsing (CVE-2024-40930)

* kernel: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (CVE-2024-40940)

* kernel: iommu: Return right value in iommu_sva_bind_device() (CVE-2024-40945)

* kernel: mm/page_table_check: fix crash on ZONE_DEVICE (CVE-2024-40948)

* kernel: i2c: lpi2c: Avoid calling clk_get_rate during transfer (CVE-2024-40965)

* kernel: tty: add the option to have a tty reject a new ldisc (CVE-2024-40966)

* kernel: serial: imx: Introduce timeout when waiting on transmitter empty (CVE-2024-40967)

* kernel: drm/radeon: fix UBSAN warning in kv_dpm.c (CVE-2024-40988)

* kernel: KVM: arm64: Disassociate vcpus from redistributor region on teardown (CVE-2024-40989)

* kernel: cpufreq: amd-pstate: fix memory leak on CPU EPP exit (CVE-2024-40997)

* kernel: io_uring/sqpoll: work around a potential audit memory leak (CVE-2024-41001)

* kernel: net: hns3: fix kernel crash problem in concurrent scenario (CVE-2024-39507)

* kernel: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (CVE-2024-40901)

* kernel: tcp: avoid too many retransmit packets (CVE-2024-41007)

* kernel: drm/amdgpu: change vm->task_info handling (CVE-2024-41008)

* kernel: vt_ioctl: fix array_index_nospec in vt_setactivate (CVE-2022-48804)

* kernel: bluetooth: race condition in sniff_{min,max}_interval_set() (CVE-2024-24859)

* kernel: filelock: Remove locks reliably when fcntl/close race is detected (CVE-2024-41012)

* kernel: filelock: Fix fcntl/close race recovery compat path (CVE-2024-41020)

* kernel: mm: vmalloc: check if a hash-index is in cpu_possible_mask (CVE-2024-41032)

* kernel: firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers (CVE-2024-41038)

* kernel: firmware: cs_dsp: Fix overflow checking of wmfw header (CVE-2024-41039)

* kernel: netfilter: nf_tables: prefer nft_chain_validate (CVE-2024-41042)

* kernel: filelock: fix potential use-after-free in posix_lock_inode (CVE-2024-41049)

* kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (CVE-2024-41056)

* kernel: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (CVE-2024-41057)

* kernel: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (CVE-2024-41058)

* kernel: drm/radeon: check bo_va->bo is non-NULL before using it (CVE-2024-41060)

* kernel: Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (CVE-2024-41063)

* kernel: powerpc/pseries: Whitelist dtl slub object for copying to userspace (CVE-2024-41065)

* kernel: null_blk: fix validation of block size (CVE-2024-41077)

* kernel: nvmet: always initialize cqe.result (CVE-2024-41079)

* kernel: nvme-fabrics: use reserved tag for reg read/write command (CVE-2024-41082)

* kernel: cxl/region: Avoid null pointer dereference in region lookup (CVE-2024-41084)

* kernel: cxl/mem: Fix no cxl_nvd during pmem region auto-assembling (CVE-2024-41085)

* kernel: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (CVE-2024-41089)

* kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers (CVE-2024-41092)

* kernel: drm/amdgpu: avoid using null object of framebuffer (CVE-2024-41093)

* kernel: drm/fbdev-dma: Only set smem_start is enable per module option (CVE-2024-41094)

* kernel: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (CVE-2024-41095)

* kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (CVE-2024-42070)

* kernel: nfsd: initialise nfsd_info.mutex early. (CVE-2024-42078)

* kernel: ftruncate: pass a signed offset (CVE-2024-42084)

* kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (CVE-2024-42090)

* kernel: drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (CVE-2024-42101)

* kernel: wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (CVE-2024-42114)

* kernel: drm/amdgpu: fix double free err_addr pointer warnings (CVE-2024-42123)

* kernel: scsi: qedf: Make qedf_execute_tmf() non-preemptible (CVE-2024-42124)

* kernel: wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband (CVE-2024-42125)

* kernel: bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX (CVE-2024-42132)

* kernel: Bluetooth: ISO: Check socket flag instead of hcon (CVE-2024-42141)

* kernel: tcp_metrics: validate source addr length (CVE-2024-42154)

* kernel: scsi: mpi3mr: Sanitise num_phys (CVE-2024-42159)

* kernel: usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB (CVE-2024-42226)

* kernel: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (CVE-2024-42228)

* kernel: firmware: cs_dsp: Validate payload length before processing block (CVE-2024-42237)

* kernel: firmware: cs_dsp: Return error if block header overflows file (CVE-2024-42238)

* kernel: x86/bhi: Avoid warning in #DB handler due to BHI mitigation (CVE-2024-42240)

* kernel: Revert sched/fair: Make sure to try to detach at least one movable task (CVE-2024-42245)

* kernel: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines (CVE-2024-42258)

* kernel: net/mlx5: Fix missing lock on sync reset reload (CVE-2024-42268)

* kernel: net/iucv: fix use after free in iucv_sock_close() (CVE-2024-42271)

* kernel: nvme-pci: add missing condition check for existence of mapped data (CVE-2024-42276)

* kernel: dev/parport: fix the array out-of-bounds risk (CVE-2024-42301)

* kernel: net: missing check virtio (CVE-2024-43817)

* kernel: nfs: pass explicit offset/count to trace events (CVE-2024-43826)

* kernel: leds: trigger: Unregister sysfs attributes before calling deactivate() (CVE-2024-43830)

* kernel: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (CVE-2024-43842)

* kernel: dma: fix call order in dmam_free_coherent (CVE-2024-43856)

* kernel: s390/fpu: Re-add exception handling in load_fpu_state() (CVE-2024-43865)

* kernel: net/mlx5: Always drain health in shutdown callback (CVE-2024-43866)

* kernel: perf: Fix event leak upon exec and file release (CVE-2024-43869)

* kernel: perf: Fix event leak upon exit (CVE-2024-43870)

* kernel: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (CVE-2024-43879)

* kernel: nommu: fix memory leak in do_mmap() error path (CVE-2023-52902)

* kernel: bpf: Fix crash due to out of bounds access into reg2btf_ids. (CVE-2022-48929)

* kernel: mm: list_lru: fix UAF for memory cgroup (CVE-2024-43888)

* kernel: memcg: protect concurrent access to mem_cgroup_idr (CVE-2024-43892)

* kernel: wifi: mac80211: fix NULL dereference at band check in starting tx ba session (CVE-2024-43911)

* kernel: fuse: Initialize beyond-EOF page contents before setting uptodate (CVE-2024-44947)

* kernel: usb: gadget: core: Check for unset descriptor (CVE-2024-44960)

* kernel: x86/mm: Fix pti_clone_pgtable() alignment assumption (CVE-2024-44965)

* kernel: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (CVE-2024-44970)

* kernel: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (CVE-2024-44984)

* kernel: KVM: s390: fix validity interception issue when gisa is switched off (CVE-2024-45005)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL kernel package based on the guidance in RHSA-2024:9315.

Plugin Details

Severity: High

ID: 210815

File Name: redhat-RHSA-2024-9315.nasl

Version: 1.1

Type: local

Agent: unix

Family: Red Hat Local Security Checks

Published: 11/12/2024

Updated: 11/12/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

Vendor

Vendor Severity: Moderate

CVSS v2

Risk Factor: Medium

Base Score: 4.8

Temporal Score: 3.8

Vector: CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2020-10135

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2024-43888

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-devel-matched, p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-rt-core, p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-debug-core, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-core, p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-core, p-cpe:/a:redhat:enterprise_linux:kernel-64k-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers, p-cpe:/a:redhat:enterprise_linux:kernel-64k-modules, p-cpe:/a:redhat:enterprise_linux:kernel-rt, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm, p-cpe:/a:redhat:enterprise_linux:kernel-debug-uki-virt, p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules, p-cpe:/a:redhat:enterprise_linux:perf, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel, p-cpe:/a:redhat:enterprise_linux:bpftool, p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm, p-cpe:/a:redhat:enterprise_linux:kernel-tools, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump, cpe:/o:redhat:enterprise_linux:9, p-cpe:/a:redhat:enterprise_linux:kernel-64k, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel-matched, p-cpe:/a:redhat:enterprise_linux:kernel-64k-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra, p-cpe:/a:redhat:enterprise_linux:rv, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug, p-cpe:/a:redhat:enterprise_linux:kernel, p-cpe:/a:redhat:enterprise_linux:kernel-devel, p-cpe:/a:redhat:enterprise_linux:kernel-64k-devel, p-cpe:/a:redhat:enterprise_linux:kernel-uki-virt, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-core, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core, p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel, p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-modules, p-cpe:/a:redhat:enterprise_linux:kernel-headers, p-cpe:/a:redhat:enterprise_linux:libperf, p-cpe:/a:redhat:enterprise_linux:kernel-modules, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules, p-cpe:/a:redhat:enterprise_linux:kernel-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel, p-cpe:/a:redhat:enterprise_linux:kernel-uki-virt-addons, p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules, p-cpe:/a:redhat:enterprise_linux:kernel-debug, p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-core, p-cpe:/a:redhat:enterprise_linux:python3-perf, p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel-matched, p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-devel-matched, p-cpe:/a:redhat:enterprise_linux:rtla, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug, p-cpe:/a:redhat:enterprise_linux:kernel-64k-core, p-cpe:/a:redhat:enterprise_linux:kernel-64k-devel-matched

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/12/2024

Vulnerability Publication Date: 4/14/2020

Reference Information

CVE: CVE-2019-25162, CVE-2020-10135, CVE-2021-47098, CVE-2021-47101, CVE-2021-47185, CVE-2021-47384, CVE-2021-47386, CVE-2021-47428, CVE-2021-47429, CVE-2021-47432, CVE-2021-47454, CVE-2021-47457, CVE-2021-47495, CVE-2021-47497, CVE-2021-47505, CVE-2022-48669, CVE-2022-48672, CVE-2022-48703, CVE-2022-48804, CVE-2022-48929, CVE-2023-52445, CVE-2023-52451, CVE-2023-52455, CVE-2023-52462, CVE-2023-52464, CVE-2023-52466, CVE-2023-52467, CVE-2023-52473, CVE-2023-52475, CVE-2023-52477, CVE-2023-52482, CVE-2023-52490, CVE-2023-52492, CVE-2023-52498, CVE-2023-52501, CVE-2023-52513, CVE-2023-52520, CVE-2023-52528, CVE-2023-52560, CVE-2023-52565, CVE-2023-52585, CVE-2023-52594, CVE-2023-52595, CVE-2023-52606, CVE-2023-52614, CVE-2023-52615, CVE-2023-52619, CVE-2023-52621, CVE-2023-52622, CVE-2023-52624, CVE-2023-52625, CVE-2023-52632, CVE-2023-52634, CVE-2023-52635, CVE-2023-52637, CVE-2023-52643, CVE-2023-52648, CVE-2023-52649, CVE-2023-52650, CVE-2023-52656, CVE-2023-52659, CVE-2023-52661, CVE-2023-52662, CVE-2023-52663, CVE-2023-52664, CVE-2023-52674, CVE-2023-52676, CVE-2023-52679, CVE-2023-52680, CVE-2023-52683, CVE-2023-52686, CVE-2023-52689, CVE-2023-52690, CVE-2023-52696, CVE-2023-52697, CVE-2023-52698, CVE-2023-52703, CVE-2023-52730, CVE-2023-52731, CVE-2023-52740, CVE-2023-52749, CVE-2023-52751, CVE-2023-52756, CVE-2023-52757, CVE-2023-52758, CVE-2023-52762, CVE-2023-52775, CVE-2023-52784, CVE-2023-52788, CVE-2023-52791, CVE-2023-52811, CVE-2023-52813, CVE-2023-52814, CVE-2023-52817, CVE-2023-52819, CVE-2023-52831, CVE-2023-52833, CVE-2023-52834, CVE-2023-52837, CVE-2023-52840, CVE-2023-52859, CVE-2023-52867, CVE-2023-52869, CVE-2023-52878, CVE-2023-52902, CVE-2024-0340, CVE-2024-1151, CVE-2024-22099, CVE-2024-23307, CVE-2024-23848, CVE-2024-24857, CVE-2024-24858, CVE-2024-24859, CVE-2024-25739, CVE-2024-26589, CVE-2024-26591, CVE-2024-26601, CVE-2024-26603, CVE-2024-26605, CVE-2024-26611, CVE-2024-26612, CVE-2024-26614, CVE-2024-26618, CVE-2024-26631, CVE-2024-26638, CVE-2024-26641, CVE-2024-26645, CVE-2024-26646, CVE-2024-26650, CVE-2024-26656, CVE-2024-26660, CVE-2024-26661, CVE-2024-26662, CVE-2024-26663, CVE-2024-26664, CVE-2024-26669, CVE-2024-26670, CVE-2024-26672, CVE-2024-26674, CVE-2024-26675, CVE-2024-26678, CVE-2024-26679, CVE-2024-26680, CVE-2024-26686, CVE-2024-26691, CVE-2024-26700, CVE-2024-26704, CVE-2024-26707, CVE-2024-26708, CVE-2024-26712, CVE-2024-26717, CVE-2024-26719, CVE-2024-26725, CVE-2024-26733, CVE-2024-26740, CVE-2024-26743, CVE-2024-26744, CVE-2024-26746, CVE-2024-26757, CVE-2024-26758, CVE-2024-26759, CVE-2024-26761, CVE-2024-26767, CVE-2024-26772, CVE-2024-26774, CVE-2024-26782, CVE-2024-26785, CVE-2024-26786, CVE-2024-26803, CVE-2024-26812, CVE-2024-26815, CVE-2024-26835, CVE-2024-26837, CVE-2024-26838, CVE-2024-26840, CVE-2024-26843, CVE-2024-26846, CVE-2024-26857, CVE-2024-26861, CVE-2024-26862, CVE-2024-26863, CVE-2024-26870, CVE-2024-26872, CVE-2024-26878, CVE-2024-26882, CVE-2024-26889, CVE-2024-26890, CVE-2024-26892, CVE-2024-26894, CVE-2024-26899, CVE-2024-26900, CVE-2024-26901, CVE-2024-26903, CVE-2024-26906, CVE-2024-26907, CVE-2024-26915, CVE-2024-26920, CVE-2024-26921, CVE-2024-26922, CVE-2024-26924, CVE-2024-26927, CVE-2024-26928, CVE-2024-26933, CVE-2024-26934, CVE-2024-26937, CVE-2024-26938, CVE-2024-26939, CVE-2024-26940, CVE-2024-26950, CVE-2024-26951, CVE-2024-26953, CVE-2024-26958, CVE-2024-26960, CVE-2024-26962, CVE-2024-26964, CVE-2024-26973, CVE-2024-26975, CVE-2024-26976, CVE-2024-26984, CVE-2024-26987, CVE-2024-26988, CVE-2024-26989, CVE-2024-26990, CVE-2024-26992, CVE-2024-27003, CVE-2024-27004, CVE-2024-27010, CVE-2024-27011, CVE-2024-27012, CVE-2024-27013, CVE-2024-27014, CVE-2024-27015, CVE-2024-27017, CVE-2024-27023, CVE-2024-27025, CVE-2024-27038, CVE-2024-27042, CVE-2024-27048, CVE-2024-27057, CVE-2024-27062, CVE-2024-27079, CVE-2024-27389, CVE-2024-27395, CVE-2024-27404, CVE-2024-27410, CVE-2024-27414, CVE-2024-27431, CVE-2024-27436, CVE-2024-27437, CVE-2024-31076, CVE-2024-35787, CVE-2024-35794, CVE-2024-35795, CVE-2024-35801, CVE-2024-35805, CVE-2024-35807, CVE-2024-35808, CVE-2024-35809, CVE-2024-35810, CVE-2024-35812, CVE-2024-35814, CVE-2024-35817, CVE-2024-35822, CVE-2024-35824, CVE-2024-35827, CVE-2024-35831, CVE-2024-35835, CVE-2024-35838, CVE-2024-35840, CVE-2024-35843, CVE-2024-35847, CVE-2024-35853, CVE-2024-35854, CVE-2024-35855, CVE-2024-35859, CVE-2024-35861, CVE-2024-35862, CVE-2024-35863, CVE-2024-35864, CVE-2024-35865, CVE-2024-35866, CVE-2024-35867, CVE-2024-35869, CVE-2024-35872, CVE-2024-35876, CVE-2024-35877, CVE-2024-35878, CVE-2024-35880, CVE-2024-35886, CVE-2024-35888, CVE-2024-35892, CVE-2024-35894, CVE-2024-35900, CVE-2024-35904, CVE-2024-35905, CVE-2024-35908, CVE-2024-35912, CVE-2024-35913, CVE-2024-35918, CVE-2024-35923, CVE-2024-35924, CVE-2024-35925, CVE-2024-35927, CVE-2024-35928, CVE-2024-35930, CVE-2024-35931, CVE-2024-35938, CVE-2024-35939, CVE-2024-35942, CVE-2024-35944, CVE-2024-35946, CVE-2024-35947, CVE-2024-35950, CVE-2024-35952, CVE-2024-35954, CVE-2024-35957, CVE-2024-35959, CVE-2024-35973, CVE-2024-35976, CVE-2024-35979, CVE-2024-35983, CVE-2024-35991, CVE-2024-35995, CVE-2024-36006, CVE-2024-36010, CVE-2024-36015, CVE-2024-36022, CVE-2024-36028, CVE-2024-36030, CVE-2024-36031, CVE-2024-36477, CVE-2024-36881, CVE-2024-36882, CVE-2024-36884, CVE-2024-36885, CVE-2024-36891, CVE-2024-36896, CVE-2024-36901, CVE-2024-36902, CVE-2024-36905, CVE-2024-36917, CVE-2024-36920, CVE-2024-36926, CVE-2024-36927, CVE-2024-36930, CVE-2024-36932, CVE-2024-36933, CVE-2024-36936, CVE-2024-36939, CVE-2024-36940, CVE-2024-36944, CVE-2024-36945, CVE-2024-36955, CVE-2024-36956, CVE-2024-36960, CVE-2024-36961, CVE-2024-36967, CVE-2024-36974, CVE-2024-36977, CVE-2024-38388, CVE-2024-38555, CVE-2024-38581, CVE-2024-38596, CVE-2024-38598, CVE-2024-38600, CVE-2024-38604, CVE-2024-38605, CVE-2024-38618, CVE-2024-38627, CVE-2024-38629, CVE-2024-38632, CVE-2024-38635, CVE-2024-39276, CVE-2024-39291, CVE-2024-39298, CVE-2024-39471, CVE-2024-39473, CVE-2024-39474, CVE-2024-39479, CVE-2024-39486, CVE-2024-39488, CVE-2024-39491, CVE-2024-39497, CVE-2024-39498, CVE-2024-39499, CVE-2024-39501, CVE-2024-39503, CVE-2024-39507, CVE-2024-39508, CVE-2024-40901, CVE-2024-40903, CVE-2024-40906, CVE-2024-40907, CVE-2024-40913, CVE-2024-40919, CVE-2024-40922, CVE-2024-40923, CVE-2024-40924, CVE-2024-40925, CVE-2024-40930, CVE-2024-40940, CVE-2024-40945, CVE-2024-40948, CVE-2024-40965, CVE-2024-40966, CVE-2024-40967, CVE-2024-40988, CVE-2024-40989, CVE-2024-40997, CVE-2024-41001, CVE-2024-41007, CVE-2024-41008, CVE-2024-41012, CVE-2024-41020, CVE-2024-41032, CVE-2024-41038, CVE-2024-41039, CVE-2024-41042, CVE-2024-41049, CVE-2024-41056, CVE-2024-41057, CVE-2024-41058, CVE-2024-41060, CVE-2024-41063, CVE-2024-41065, CVE-2024-41077, CVE-2024-41079, CVE-2024-41082, CVE-2024-41084, CVE-2024-41085, CVE-2024-41089, CVE-2024-41092, CVE-2024-41093, CVE-2024-41094, CVE-2024-41095, CVE-2024-42070, CVE-2024-42078, CVE-2024-42084, CVE-2024-42090, CVE-2024-42101, CVE-2024-42114, CVE-2024-42123, CVE-2024-42124, CVE-2024-42125, CVE-2024-42132, CVE-2024-42141, CVE-2024-42154, CVE-2024-42159, CVE-2024-42226, CVE-2024-42228, CVE-2024-42237, CVE-2024-42238, CVE-2024-42240, CVE-2024-42245, CVE-2024-42258, CVE-2024-42268, CVE-2024-42271, CVE-2024-42276, CVE-2024-42301, CVE-2024-43817, CVE-2024-43826, CVE-2024-43830, CVE-2024-43842, CVE-2024-43856, CVE-2024-43865, CVE-2024-43866, CVE-2024-43869, CVE-2024-43870, CVE-2024-43879, CVE-2024-43888, CVE-2024-43892, CVE-2024-43911, CVE-2024-44947, CVE-2024-44960, CVE-2024-44965, CVE-2024-44970, CVE-2024-44984, CVE-2024-45005

CWE: 1050, 118, 119, 120, 121, 122, 124, 125, 129, 130, 1300, 131, 1341, 15, 158, 170, 190, 191, 20, 200, 229, 252, 281, 290, 362, 364, 369, 372, 393, 399, 400, 401, 402, 404, 413, 414, 415, 416, 456, 457, 459, 476, 489, 562, 617, 665, 667, 703, 754, 787, 805, 822, 825, 833, 835, 908, 96, 99

RHSA: 2024:9315

Detections

Analytics