VYPR

rpm package

almalinux/kernel-rt-debug-core

pkg:rpm/almalinux/kernel-rt-debug-core

Vulnerabilities (1,061)

  • CVE-2024-38538Jun 19, 2024
    affected < 5.14.0-427.33.1.el9_4fixed 5.14.0-427.33.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot triggered an uninit value[1] error in bridge device's xmit path by sending a short (less than ETH_HLEN bytes) skb. To fix it check if we

  • CVE-2024-36979Jun 19, 2024
    affected < 5.14.0-427.35.1.el9_4fixed 5.14.0-427.35.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while walking the list from the same

  • CVE-2024-36978HigJun 19, 2024
    affected < 5.14.0-427.40.1.el9_4fixed 5.14.0-427.40.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent code logic after kmalloc. So the old q->bands should not be used in kmalloc. Otherw

  • CVE-2024-36971KEVJun 10, 2024
    affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_ca

  • CVE-2024-36940HigMay 30, 2024
    affected < 4.18.0-553.16.1.rt7.357.el8_10fixed 4.18.0-553.16.1.rt7.357.el8_10

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freei

  • CVE-2024-36939MedMay 30, 2024
    affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10

    In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpc_proc_register() in nfs_net_init(). syzkaller reported a warning [0] triggered while destroying immature netns. rpc_proc_register() was called in init_nfs_fs(), but its error has been i

  • CVE-2024-36929MedMay 30, 2024
    affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: core: reject skb_copy(_expand) for fraglist GSO skbs SKB_GSO_FRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skb_copy or skb_copy_expand, in ord

  • CVE-2024-36904HigMay 30, 2024
    affected < 5.14.0-427.26.1.el9_4fixed 5.14.0-427.26.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento reported a use-after-free splat in tcp_twsk_unique() with nice analysis. Since commit ec94c2696f0b ("tcp/dccp: avoid one atomic operat

  • CVE-2024-36902MedMay 30, 2024
    affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10

    In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() syzbot is able to trigger the following crash [1], caused by unsafe ip6_dst_idev() use. Indeed ip6_dst_idev() can return NULL, and must a

  • CVE-2024-36899HigMay 30, 2024
    affected < 5.14.0-427.37.1.el9_4fixed 5.14.0-427.37.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpio_chrdev_release(), watched_lines is freed

  • CVE-2024-36957May 30, 2024
    affected < 5.14.0-427.26.1.el9_4fixed 5.14.0-427.26.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdup_user(buffer, count + 1). However, the userspace only provides buffer of count bytes and only these c

  • CVE-2024-36954May 30, 2024
    affected < 4.18.0-553.16.1.rt7.357.el8_10fixed 4.18.0-553.16.1.rt7.357.el8_10

    In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipc_buf_append __skb_linearize() doesn't free the skb when it fails, so move '*buf = NULL' after __skb_linearize(), so that the skb can be freed on the err path.

  • CVE-2024-36953May 30, 2024
    affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() vgic_v2_parse_attr() is responsible for finding the vCPU that matches the user-provided CPUID, which (of course) may not be valid. If the ID

  • CVE-2024-36952May 30, 2024
    affected < 5.14.0-427.28.1.el9_4fixed 5.14.0-427.28.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up There are cases after NPIV deletion where the fabric switch still believes the NPIV is logged into the fabric. This occurs when a vpo

  • CVE-2024-36950May 30, 2024
    affected < 4.18.0-553.16.1.rt7.357.el8_10fixed 4.18.0-553.16.1.rt7.357.el8_10

    In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI interrupt handler, if a bus reset interrupt has occurred, mask bus reset interrupts until bus_reset_work has serviced a

  • CVE-2024-36941May 30, 2024
    affected < 4.18.0-553.16.1.rt7.357.el8_10fixed 4.18.0-553.16.1.rt7.357.el8_10

    In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: don't free NULL coalescing rule If the parsing fails, we can dereference a NULL pointer here.

  • CVE-2024-36924May 30, 2024
    affected < 5.14.0-427.28.1.el9_4fixed 5.14.0-427.28.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() lpfc_worker_wake_up() calls the lpfc_work_done() routine, which takes the hbalock. Thus, lpfc_worker_wake_up() should not be called while holdin

  • CVE-2024-36922May 30, 2024
    affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq->read_ptr under lock If we read txq->read_ptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim

  • CVE-2024-36921May 30, 2024
    affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal Guard against invalid station IDs in iwl_mvm_mld_rm_sta_id as that would result in out-of-bounds array accesses. This prevents issues should the drive

  • CVE-2024-36920May 30, 2024
    affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING When the "storcli2 show" command is executed for eHBA-9600, mpi3mr driver prints this WARNING message: memcpy: detected field-spanning write (size 128)

Page 30 of 54