rpm package

almalinux/kernel-core

pkg:rpm/almalinux/kernel-core

Vulnerabilities (1,153)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-35870		—	< 5.14.0-427.24.1.el9_4	5.14.0-427.24.1.el9_4	May 19, 2024	In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2_reconnect_server() The UAF bug is due to smb2_reconnect_server() accessing a session that is already being teared down by another thread that is executing __cifs_put_smb_ses(). Thi
CVE-2024-25742	Med	6.5	< 5.14.0-427.16.1.el9_4	5.14.0-427.16.1.el9_4	May 17, 2024	In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES.
CVE-2024-35845	Cri	9.1	< 5.14.0-427.31.1.el9_4	5.14.0-427.31.1.el9_4	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dbg-tlv: ensure NUL termination The iwl_fw_ini_debug_info_tlv is used as a string, so we must ensure the string is terminated correctly before using it.
CVE-2024-35857		—	< 5.14.0-427.28.1.el9_4	5.14.0-427.28.1.el9_4	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: icmp: prevent possible NULL dereferences from icmp_build_probe() First problem is a double call to __in_dev_get_rcu(), because the second one could return NULL. if (__in_dev_get_rcu(dev) && __in_dev_get_rcu(de
CVE-2024-35852		—	< 5.14.0-427.31.1.el9_4	5.14.0-427.31.1.el9_4	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work The rehash delayed work is rescheduled with a delay if the number of credits at end of the work is not negative as supposedly it means that t
CVE-2024-35848		—	< 5.14.0-427.31.1.el9_4	5.14.0-427.31.1.el9_4	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessible, an nvmem device will be registered, the read will fail, and the device will be torn down. If another driver accesses the nvmem
CVE-2024-35839		—	< 5.14.0-427.33.1.el9_4	5.14.0-427.33.1.el9_4	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: replace physindev with physinif in nf_bridge_info An skb can be added to a neigh->arp_queue while waiting for an arp reply. Where original skb's skb->dev can be different to neigh's neigh->de
CVE-2023-52686		—	< 4.18.0-553.8.1.el8_10	4.18.0-553.8.1.el8_10	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.
CVE-2023-52683		—	< 4.18.0-553.22.1.el8_10	4.18.0-553.22.1.el8_10	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT: Avoid u32 multiplication overflow In lpit_update_residency() there is a possibility of overflow in multiplication, if tsc_khz is large enough (> UINT_MAX/1000). Change multiplication to mul_u32_u32
CVE-2023-52675		—	< 4.18.0-553.8.1.el8_10	4.18.0-553.8.1.el8_10	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.
CVE-2024-35823	Med	5.3	< 5.14.0-427.31.1.el9_4	5.14.0-427.31.1.el9_4	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 ("vt: fix memory overlapping when deleting chars in the buffer").
CVE-2024-35807	Med	5.5	< 4.18.0-553.16.1.el8_10	4.18.0-553.16.1.el8_10	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize We observed a corruption during on-line resize of a file system that is larger than 16 TiB with 4k block size. With having more then 2^32 blocks resize_inode is turned
CVE-2023-52667		—	< 4.18.0-553.8.1.el8_10	4.18.0-553.8.1.el8_10	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fs_any_create_groups When kcalloc() for ft->g succeeds but kvzalloc() for in fails, fs_any_create_groups() will free ft->g. However, its caller fs_any_create_table() wi
CVE-2024-35809		—	< 4.18.0-553.22.1.el8_10	4.18.0-553.22.1.el8_10	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal A race condition between the .runtime_idle() callback and the .remove() callback in the rtsx_pcr PCI driver leads to a kernel crash due to an unhandled
CVE-2024-35801		—	< 4.18.0-553.16.1.el8_10	4.18.0-553.16.1.el8_10	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD Commit 672365477ae8 ("x86/fpu: Update XFD state where required") and commit 8bf26758ca96 ("x86/fpu: Add XFD state to fpstate") introduced a per CPU variable xfd
CVE-2024-35800		—	< 5.14.0-427.31.1.el9_4	5.14.0-427.31.1.el9_4	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: efi: fix panic in kdump kernel Check if get_next_variable() is actually valid pointer before calling it. In kdump kernel this method is set to NULL that causes panic during the kexec-ed kernel boot. Tested wit
CVE-2024-35797		—	< 5.14.0-427.35.1.el9_4	5.14.0-427.35.1.el9_4	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix two shmem bugs When cachestat on shmem races with swapping and invalidation, there are two possible bugs: 1) A swapin error can have resulted in a poisoned swap entry in the shmem inode's
CVE-2024-35789	Hig	7.8	< 5.14.0-427.31.1.el9_4	5.14.0-427.31.1.el9_4	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When moving a station out of a VLAN and deleting the VLAN afterwards, the fast_rx entry still holds a pointer to the VLAN's netdev, which can c
CVE-2024-35791		—	< 5.14.0-427.35.1.el9_4	5.14.0-427.35.1.el9_4	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() Do the cache flush of converted pages in svm_register_enc_region() before dropping kvm->lock to fix use-after-free issues where regi
CVE-2024-27435		—	< 5.14.0-427.26.1.el9_4	5.14.0-427.26.1.el9_4	May 17, 2024	In the Linux kernel, the following vulnerability has been resolved: nvme: fix reconnection fail due to reserved tag allocation We found a issue on production environment while using NVMe over RDMA, admin_q reconnect failed forever while remote target and network is ok. After di

CVE-2024-35870May 19, 2024
affected < 5.14.0-427.24.1.el9_4fixed 5.14.0-427.24.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2_reconnect_server() The UAF bug is due to smb2_reconnect_server() accessing a session that is already being teared down by another thread that is executing __cifs_put_smb_ses(). Thi
CVE-2024-25742MedMay 17, 2024
affected < 5.14.0-427.16.1.el9_4fixed 5.14.0-427.16.1.el9_4
In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES.
CVE-2024-35845CriMay 17, 2024
affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dbg-tlv: ensure NUL termination The iwl_fw_ini_debug_info_tlv is used as a string, so we must ensure the string is terminated correctly before using it.
CVE-2024-35857May 17, 2024
affected < 5.14.0-427.28.1.el9_4fixed 5.14.0-427.28.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: icmp: prevent possible NULL dereferences from icmp_build_probe() First problem is a double call to __in_dev_get_rcu(), because the second one could return NULL. if (__in_dev_get_rcu(dev) && __in_dev_get_rcu(de
CVE-2024-35852May 17, 2024
affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work The rehash delayed work is rescheduled with a delay if the number of credits at end of the work is not negative as supposedly it means that t
CVE-2024-35848May 17, 2024
affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessible, an nvmem device will be registered, the read will fail, and the device will be torn down. If another driver accesses the nvmem
CVE-2024-35839May 17, 2024
affected < 5.14.0-427.33.1.el9_4fixed 5.14.0-427.33.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: replace physindev with physinif in nf_bridge_info An skb can be added to a neigh->arp_queue while waiting for an arp reply. Where original skb's skb->dev can be different to neigh's neigh->de
CVE-2023-52686May 17, 2024
affected < 4.18.0-553.8.1.el8_10fixed 4.18.0-553.8.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.
CVE-2023-52683May 17, 2024
affected < 4.18.0-553.22.1.el8_10fixed 4.18.0-553.22.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT: Avoid u32 multiplication overflow In lpit_update_residency() there is a possibility of overflow in multiplication, if tsc_khz is large enough (> UINT_MAX/1000). Change multiplication to mul_u32_u32
CVE-2023-52675May 17, 2024
affected < 4.18.0-553.8.1.el8_10fixed 4.18.0-553.8.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.
CVE-2024-35823MedMay 17, 2024
affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 ("vt: fix memory overlapping when deleting chars in the buffer").
CVE-2024-35807MedMay 17, 2024
affected < 4.18.0-553.16.1.el8_10fixed 4.18.0-553.16.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize We observed a corruption during on-line resize of a file system that is larger than 16 TiB with 4k block size. With having more then 2^32 blocks resize_inode is turned
CVE-2023-52667May 17, 2024
affected < 4.18.0-553.8.1.el8_10fixed 4.18.0-553.8.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fs_any_create_groups When kcalloc() for ft->g succeeds but kvzalloc() for in fails, fs_any_create_groups() will free ft->g. However, its caller fs_any_create_table() wi
CVE-2024-35809May 17, 2024
affected < 4.18.0-553.22.1.el8_10fixed 4.18.0-553.22.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal A race condition between the .runtime_idle() callback and the .remove() callback in the rtsx_pcr PCI driver leads to a kernel crash due to an unhandled
CVE-2024-35801May 17, 2024
affected < 4.18.0-553.16.1.el8_10fixed 4.18.0-553.16.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD Commit 672365477ae8 ("x86/fpu: Update XFD state where required") and commit 8bf26758ca96 ("x86/fpu: Add XFD state to fpstate") introduced a per CPU variable xfd
CVE-2024-35800May 17, 2024
affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: efi: fix panic in kdump kernel Check if get_next_variable() is actually valid pointer before calling it. In kdump kernel this method is set to NULL that causes panic during the kexec-ed kernel boot. Tested wit
CVE-2024-35797May 17, 2024
affected < 5.14.0-427.35.1.el9_4fixed 5.14.0-427.35.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix two shmem bugs When cachestat on shmem races with swapping and invalidation, there are two possible bugs: 1) A swapin error can have resulted in a poisoned swap entry in the shmem inode's
CVE-2024-35789HigMay 17, 2024
affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When moving a station out of a VLAN and deleting the VLAN afterwards, the fast_rx entry still holds a pointer to the VLAN's netdev, which can c
CVE-2024-35791May 17, 2024
affected < 5.14.0-427.35.1.el9_4fixed 5.14.0-427.35.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() Do the cache flush of converted pages in svm_register_enc_region() before dropping kvm->lock to fix use-after-free issues where regi
CVE-2024-27435May 17, 2024
affected < 5.14.0-427.26.1.el9_4fixed 5.14.0-427.26.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: nvme: fix reconnection fail due to reserved tag allocation We found a issue on production environment while using NVMe over RDMA, admin_q reconnect failed forever while remote target and network is ok. After di

Page 35 of 58