VYPR

rpm package

almalinux/kernel-doc

pkg:rpm/almalinux/kernel-doc

Vulnerabilities (1,156)

  • CVE-2021-47055 - Feb 29, 2024
    affected < 4.18.0-553.5.1.el8_10; fixed 4.18.0-553.5.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: mtd: require write permissions for locking and badblock ioctls MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require write permission. Depending on the hardware MEMLOCK might even be write-once, e

  • CVE-2024-26615 - Feb 29, 2024
    affected < 5.14.0-503.16.1.el9_5; fixed 5.14.0-503.16.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smc_run nginx smc_run wrk -t 1

  • CVE-2023-52492 - Feb 29, 2024
    affected < 4.18.0-553.27.1.el8_10; fixed 4.18.0-553.27.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: fix NULL pointer in channel unregistration function __dma_async_device_channel_register() can fail. In case of failure, chan->local is freed (with free_percpu()), and chan->local is nullified. When d

  • CVE-2023-52490 - Feb 29, 2024
    affected < 5.14.0-503.26.1.el9_5; fixed 5.14.0-503.26.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: mm: migrate: fix getting incorrect page mapping during page migration When running stress-ng testing, we found below kernel crash after a few hours: Unable to handle kernel NULL pointer dereference at virtual

  • CVE-2023-52489 - Feb 29, 2024
    affected < 5.14.0-427.13.1.el9_4; fixed 5.14.0-427.13.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMA

  • CVE-2023-52478 - Feb 29, 2024
    affected < 4.18.0-553.22.1.el8_10; fixed 4.18.0-553.22.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect hidpp_connect_event() has *four* time-of-check vs time-of-use (TOCTOU) races when it races with itself. hidpp_connect_event() primarily runs fro

  • CVE-2023-52477 - Feb 29, 2024
    affected < 4.18.0-553.5.1.el8_10; fixed 4.18.0-553.5.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to uninitialized BOS descriptors Many functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h access fields inside udev->bos without checking if it was allocated and init

  • CVE-2023-52476 - Feb 29, 2024
    affected < 5.14.0-427.13.1.el9_4; fixed 5.14.0-427.13.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: perf/x86/lbr: Filter vsyscall addresses We found that a panic can occur when a vsyscall is made while LBR sampling is active. If the vsyscall is interrupted (NMI) for perf sampling, this call sequence can occur

  • CVE-2023-51779 - High - Feb 29, 2024
    affected < 5.14.0-427.13.1.el9_4; fixed 5.14.0-427.13.1.el9_4

    bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.

  • CVE-2021-47013 - Feb 28, 2024
    affected < 4.18.0-553.5.1.el8_10; fixed 4.18.0-553.5.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send In emac_mac_tx_buf_send, it calls emac_tx_fill_tpd(..,skb,..). If some error happens in emac_tx_fill_tpd(), the skb will be freed via dev_kfree_sk

  • CVE-2021-46984 - Feb 28, 2024
    affected < 4.18.0-553.22.1.el8_10; fixed 4.18.0-553.22.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted __blk_mq_sched_bio_merge() gets the ctx and hctx for the current CPU and passes the hctx to ->bio_merge(). kyber_bio_merge() then gets the ctx for the current CPU

  • CVE-2021-46972 - Feb 27, 2024
    affected < 4.18.0-553.8.1.el8_10; fixed 4.18.0-553.8.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: ovl: fix leaked dentry Since commit 6815f479ca90 ("ovl: use only uppermetacopy state in ovl_lookup()"), overlayfs doesn't put temporary dentry when there is a metacopy error, which leads to dentry leaks when sh

  • CVE-2021-46939 - Feb 27, 2024
    affected < 4.18.0-553.16.1.el8_10; fixed 4.18.0-553.16.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure trace_clock_global() to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume testing. The following back

  • CVE-2020-36777 - Feb 27, 2024
    affected < 4.18.0-553.5.1.el8_10; fixed 4.18.0-553.5.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: Fix memory leak in dvb_media_device_free() dvb_media_device_free() is leaking memory. Free `dvbdev->adapter->conn` before setting it to NULL, as documented in include/media/media-device.h: "The m

  • CVE-2021-46934 - Feb 27, 2024
    affected < 4.18.0-553.5.1.el8_10; fixed 4.18.0-553.5.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2c_transfer(), ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data i

  • CVE-2019-25162 - Feb 26, 2024
    affected < 4.18.0-553.5.1.el8_10; fixed 4.18.0-553.5.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the put_device() down a bit to avoid the use after free. [wsa: added comment to the code, adde

  • CVE-2024-26603 - Feb 24, 2024
    affected < 4.18.0-553.5.1.el8_10; fixed 4.18.0-553.5.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Stop relying on userspace for info to fault in xsave buffer Before this change, the expected size of the user space buffer was taken from fx_sw->xstate_size. fx_sw->xstate_size can be changed from user

  • CVE-2024-26602 - Feb 24, 2024
    affected < 5.14.0-427.13.1.el9_4; fixed 5.14.0-427.13.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: sched/membarrier: reduce the ability to hammer on sys_membarrier On some systems, sys_membarrier can be very expensive, causing overall slowdowns for everything. So put a lock on the path in order to serialize

  • CVE-2024-26600 - Feb 24, 2024
    affected < 5.14.0-427.31.1.el9_4; fixed 5.14.0-427.31.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP If the external phy working together with phy-omap-usb2 does not implement send_srp(), we may still attempt to call it. This can happen on an idle Et

  • CVE-2023-52458 - Med - Feb 23, 2024
    affected < 5.14.0-427.28.1.el9_4; fixed 5.14.0-427.28.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size Before calling add partition or resize partition, there is no check on whether the length is aligned with the logical block size. If th
