rpm package

almalinux/bpftool

pkg:rpm/almalinux/bpftool

Vulnerabilities (901)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-40939	—	< 7.3.0-427.33.1.el9_4	7.3.0-427.33.1.el9_4	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail In case of region creation fail in ipc_devlink_create_region(), previously created regions delete process starts from tainted pointer
CVE-2024-40936	—	< 7.3.0-427.35.1.el9_4	7.3.0-427.35.1.el9_4	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix memregion leaks in devm_cxl_add_region() Move the mode verification to __create_region() before allocating the memregion to avoid the memregion leaks.
CVE-2024-40931	—	< 4.18.0-553.22.1.el8_10	4.18.0-553.22.1.el8_10	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_una is properly initialized on connect This is strictly related to commit fb7a0d334894 ("mptcp: ensure snd_nxt is properly initialized on connect"). It turns out that syzkaller can trigger the
CVE-2024-40929	—	< 7.3.0-427.33.1.el9_4	7.3.0-427.33.1.el9_4	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids In some versions of cfg80211, the ssids poinet might be a valid one even though n_ssids is 0. Accessing the pointer in this case will cuase an out-of
CVE-2024-40928	—	< 7.3.0-427.31.1.el9_4	7.3.0-427.31.1.el9_4	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() Clang static checker (scan-build) warning: net/ethtool/ioctl.c:line 2233, column 2 Called function pointer is null (null dereference). R
CVE-2024-40927	—	< 7.3.0-427.35.1.el9_4	7.3.0-427.35.1.el9_4	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: xhci: Handle TD clearing for multiple streams case When multiple streams are in use, multiple TDs might be in flight when an endpoint is stopped. We need to issue a Set TR Dequeue Pointer for each, to ensure ev
CVE-2024-40924	—	< 4.18.0-553.27.1.el8_10	4.18.0-553.27.1.el8_10	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Make DPT object unshrinkable In some scenarios, the DPT object gets shrunk but the actual framebuffer did not and thus its still there on the DPT's vm->bound_list. Then it tries to rewrite the PTE
CVE-2024-40914	—	< 7.3.0-427.33.1.el9_4	7.3.0-427.33.1.el9_4	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: don't unpoison huge_zero_folio When I did memory failure tests recently, below panic occurs: kernel BUG at include/linux/mm.h:1135! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 9 PID: 13
CVE-2024-40911	—	< 7.3.0-427.33.1.el9_4	7.3.0-427.33.1.el9_4	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Lock wiphy in cfg80211_get_station Wiphy should be locked before calling rdev_get_station() (see lockdep assert in ieee80211_get_station()). This fixes the following kernel NULL dereference:
CVE-2024-40906	—	< 4.18.0-553.53.1.el8_10	4.18.0-553.53.1.el8_10	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always stop health timer during driver removal Currently, if teardown_hca fails to execute during driver removal, mlx5 does not stop the health timer. Afterwards, mlx5 continue with driver teardown. T
CVE-2024-40904	—	< 4.18.0-553.22.1.el8_10	4.18.0-553.22.1.el8_10	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages The syzbot fuzzer found that the interrupt-URB completion callback in the cdc-wdm driver was taking too long, and the driver's immediate resu
CVE-2024-40901	—	< 4.18.0-553.22.1.el8_10	4.18.0-553.22.1.el8_10	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory There is a potential out-of-bounds access when using test_bit() on a single word. The test_bit() and set_bit() functions operate on long val
CVE-2024-39506	—	< 4.18.0-553.22.1.el8_10	4.18.0-553.22.1.el8_10	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet In lio_vf_rep_copy_packet() pg_info->page is compared to a NULL value, but then it is unconditionally passed to skb_add_rx_frag() which lo
CVE-2024-39504	—	< 7.3.0-427.42.1.el9_4	7.3.0-427.42.1.el9_4	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: validate mandatory meta and payload Check for mandatory netlink attributes in payload and meta expression when used embedded from the inner expression, otherwise NULL pointer dereference i
CVE-2024-39499	—	< 4.18.0-553.22.1.el8_10	4.18.0-553.22.1.el8_10	Jul 12, 2024	In the Linux kernel, the following vulnerability has been resolved: vmci: prevent speculation leaks by sanitizing event in event_deliver() Coverity spotted that event_msg is controlled by user-space, event_msg->event_data.event is passed to event_deliver() and used as an index
CVE-2024-39487	—	< 7.3.0-427.31.1.el9_4	7.3.0-427.31.1.el9_4	Jul 9, 2024	In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() In function bond_option_arp_ip_targets_set(), if newval->string is an empty string, newval->string+1 will point to the byte after the string,
CVE-2024-39483	—	< 7.3.0-427.40.1.el9_4	7.3.0-427.40.1.el9_4	Jul 5, 2024	In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked When requesting an NMI window, WARN on vNMI support being enabled if and only if NMIs are actually masked, i.e. if the vCPU is already handling a
CVE-2024-39476	—	< 7.3.0-427.33.1.el9_4	7.3.0-427.33.1.el9_4	Jul 5, 2024	In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING Xiao reported that lvm2 test lvconvert-raid-takeover.sh can hang with small possibility, the root cause is exactly the same as
CVE-2024-39472	—	< 7.3.0-427.42.1.el9_4	7.3.0-427.42.1.el9_4	Jul 5, 2024	In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy h_size fixup Commit a70f9fe52daa ("xfs: detect and handle invalid iclog size set by mkfs") added a fixup for incorrect h_size values used for the initial u
CVE-2024-39471	—	< 4.18.0-553.22.1.el8_10	4.18.0-553.22.1.el8_10	Jun 25, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add error handle to avoid out-of-bounds if the sdma_v4_0_irq_id_to_seq return -EINVAL, the process should be stop to avoid out-of-bounds read, so directly return -EINVAL.

CVE-2024-40939Jul 12, 2024
affected < 7.3.0-427.33.1.el9_4fixed 7.3.0-427.33.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail In case of region creation fail in ipc_devlink_create_region(), previously created regions delete process starts from tainted pointer
CVE-2024-40936Jul 12, 2024
affected < 7.3.0-427.35.1.el9_4fixed 7.3.0-427.35.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix memregion leaks in devm_cxl_add_region() Move the mode verification to __create_region() before allocating the memregion to avoid the memregion leaks.
CVE-2024-40931Jul 12, 2024
affected < 4.18.0-553.22.1.el8_10fixed 4.18.0-553.22.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_una is properly initialized on connect This is strictly related to commit fb7a0d334894 ("mptcp: ensure snd_nxt is properly initialized on connect"). It turns out that syzkaller can trigger the
CVE-2024-40929Jul 12, 2024
affected < 7.3.0-427.33.1.el9_4fixed 7.3.0-427.33.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids In some versions of cfg80211, the ssids poinet might be a valid one even though n_ssids is 0. Accessing the pointer in this case will cuase an out-of
CVE-2024-40928Jul 12, 2024
affected < 7.3.0-427.31.1.el9_4fixed 7.3.0-427.31.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() Clang static checker (scan-build) warning: net/ethtool/ioctl.c:line 2233, column 2 Called function pointer is null (null dereference). R
CVE-2024-40927Jul 12, 2024
affected < 7.3.0-427.35.1.el9_4fixed 7.3.0-427.35.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: xhci: Handle TD clearing for multiple streams case When multiple streams are in use, multiple TDs might be in flight when an endpoint is stopped. We need to issue a Set TR Dequeue Pointer for each, to ensure ev
CVE-2024-40924Jul 12, 2024
affected < 4.18.0-553.27.1.el8_10fixed 4.18.0-553.27.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Make DPT object unshrinkable In some scenarios, the DPT object gets shrunk but the actual framebuffer did not and thus its still there on the DPT's vm->bound_list. Then it tries to rewrite the PTE
CVE-2024-40914Jul 12, 2024
affected < 7.3.0-427.33.1.el9_4fixed 7.3.0-427.33.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: don't unpoison huge_zero_folio When I did memory failure tests recently, below panic occurs: kernel BUG at include/linux/mm.h:1135! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 9 PID: 13
CVE-2024-40911Jul 12, 2024
affected < 7.3.0-427.33.1.el9_4fixed 7.3.0-427.33.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Lock wiphy in cfg80211_get_station Wiphy should be locked before calling rdev_get_station() (see lockdep assert in ieee80211_get_station()). This fixes the following kernel NULL dereference:
CVE-2024-40906Jul 12, 2024
affected < 4.18.0-553.53.1.el8_10fixed 4.18.0-553.53.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always stop health timer during driver removal Currently, if teardown_hca fails to execute during driver removal, mlx5 does not stop the health timer. Afterwards, mlx5 continue with driver teardown. T
CVE-2024-40904Jul 12, 2024
affected < 4.18.0-553.22.1.el8_10fixed 4.18.0-553.22.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages The syzbot fuzzer found that the interrupt-URB completion callback in the cdc-wdm driver was taking too long, and the driver's immediate resu
CVE-2024-40901Jul 12, 2024
affected < 4.18.0-553.22.1.el8_10fixed 4.18.0-553.22.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory There is a potential out-of-bounds access when using test_bit() on a single word. The test_bit() and set_bit() functions operate on long val
CVE-2024-39506Jul 12, 2024
affected < 4.18.0-553.22.1.el8_10fixed 4.18.0-553.22.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet In lio_vf_rep_copy_packet() pg_info->page is compared to a NULL value, but then it is unconditionally passed to skb_add_rx_frag() which lo
CVE-2024-39504Jul 12, 2024
affected < 7.3.0-427.42.1.el9_4fixed 7.3.0-427.42.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: validate mandatory meta and payload Check for mandatory netlink attributes in payload and meta expression when used embedded from the inner expression, otherwise NULL pointer dereference i
CVE-2024-39499Jul 12, 2024
affected < 4.18.0-553.22.1.el8_10fixed 4.18.0-553.22.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: vmci: prevent speculation leaks by sanitizing event in event_deliver() Coverity spotted that event_msg is controlled by user-space, event_msg->event_data.event is passed to event_deliver() and used as an index
CVE-2024-39487Jul 9, 2024
affected < 7.3.0-427.31.1.el9_4fixed 7.3.0-427.31.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() In function bond_option_arp_ip_targets_set(), if newval->string is an empty string, newval->string+1 will point to the byte after the string,
CVE-2024-39483Jul 5, 2024
affected < 7.3.0-427.40.1.el9_4fixed 7.3.0-427.40.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked When requesting an NMI window, WARN on vNMI support being enabled if and only if NMIs are actually masked, i.e. if the vCPU is already handling a
CVE-2024-39476Jul 5, 2024
affected < 7.3.0-427.33.1.el9_4fixed 7.3.0-427.33.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING Xiao reported that lvm2 test lvconvert-raid-takeover.sh can hang with small possibility, the root cause is exactly the same as
CVE-2024-39472Jul 5, 2024
affected < 7.3.0-427.42.1.el9_4fixed 7.3.0-427.42.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy h_size fixup Commit a70f9fe52daa ("xfs: detect and handle invalid iclog size set by mkfs") added a fixup for incorrect h_size values used for the initial u
CVE-2024-39471Jun 25, 2024
affected < 4.18.0-553.22.1.el8_10fixed 4.18.0-553.22.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add error handle to avoid out-of-bounds if the sdma_v4_0_irq_id_to_seq return -EINVAL, the process should be stop to avoid out-of-bounds read, so directly return -EINVAL.

Page 15 of 46