rpm package
almalinux/kernel-rt-devel
pkg:rpm/almalinux/kernel-rt-devel
Vulnerabilities (1,061)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26894 | Med | 6.0 | < 4.18.0-553.22.1.rt7.363.el8_10 | 4.18.0-553.22.1.rt7.363.el8_10 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() After unregistering the CPU idle device, the memory associated with it is not freed, leading to a memory leak: unreferenced object 0xffff896 | |
| CVE-2024-26880 | Med | 5.5 | < 5.14.0-427.28.1.el9_4 | 5.14.0-427.28.1.el9_4 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: dm: call the resume method on internal suspend There is this reported crash when experimenting with the lvm2 testsuite. The list corruption is caused by the fact that the postsuspend and resume methods were not | |
| CVE-2024-26878 | Med | 4.7 | < 4.18.0-553.16.1.rt7.357.el8_10 | 4.18.0-553.16.1.rt7.357.el8_10 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference Below race may cause NULL pointer dereference P1 P2 dquot_free_inode quota_off drop_dquot_ref remove_dquot_ref dquots = i_dquot(inode) | |
| CVE-2024-26872 | Hig | 7.0 | < 4.18.0-553.5.1.rt7.346.el8_10 | 4.18.0-553.5.1.rt7.346.el8_10 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions, KASAN reports a use-after-free Write in srpt_refresh_port(). This seems to be because an event handler is register | |
| CVE-2024-26870 | Med | 5.5 | < 4.18.0-553.16.1.rt7.357.el8_10 | 4.18.0-553.16.1.rt7.357.el8_10 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 A call to listxattr() with a buffer size = 0 returns the actual size of the buffer needed for a subsequent call. When size > 0, nfs4_listxattr() does | |
| CVE-2024-26859 | Med | 4.7 | < 4.18.0-553.8.1.rt7.349.el8_10 | 4.18.0-553.8.1.rt7.349.el8_10 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/bnx2x: Prevent access to a freed page in page_pool Fix race condition leading to system crash during EEH error handling During EEH error recovery, the bnx2x driver's transmit timeout logic could cause a ra | |
| CVE-2024-26855 | Med | 5.5 | < 5.14.0-427.33.1.el9_4 | 5.14.0-427.33.1.el9_4 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() The function ice_bridge_setlink() may encounter a NULL pointer dereference if nlmsg_find_attr() returns NULL and br_spec is dereferenced | |
| CVE-2024-26852 | Hig | 7.8 | < 5.14.0-427.28.1.el9_4 | 5.14.0-427.28.1.el9_4 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found another use-after-free in ip6_route_mpath_notify() [1] Commit f7225172f25a ("net/ipv6: prevent use after free in ip6_route_mpath_notify") w | |
| CVE-2024-26851 | Med | 5.5 | < 4.18.0-553.27.1.rt7.368.el8_10 | 4.18.0-553.27.1.rt7.368.el8_10 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: Add protection for bmp length out of range UBSAN load reports an exception of BRK#5515 SHIFT_ISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux get_bitmap( | |
| CVE-2024-26886 | — | < 5.14.0-427.35.1.el9_4 | 5.14.0-427.35.1.el9_4 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock Attemting to do sock_lock on .recvmsg may cause a deadlock as shown bellow, so instead of using sock_sock this uses sk_receive_queue.lock on bt_sock_ioctl to avoid the UAF: | ||
| CVE-2024-26868 | — | < 5.14.0-427.31.1.el9_4 | 5.14.0-427.31.1.el9_4 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfs: fix panic when nfs4_ff_layout_prepare_ds() fails We've been seeing the following panic in production BUG: kernel NULL pointer dereference, address: 0000000000000065 PGD 2f485f067 P4D 2f485f067 PUD 2cc5d80 | ||
| CVE-2024-26858 | — | < 5.14.0-427.26.1.el9_4 | 5.14.0-427.26.1.el9_4 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map Just simply reordering the functions mlx5e_ptp_metadata_map_put and mlx5e_ptpsq_track_metadata | ||
| CVE-2024-26853 | — | < 5.14.0-427.31.1.el9_4 | 5.14.0-427.31.1.el9_4 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: igc: avoid returning frame twice in XDP_REDIRECT When a frame can not be transmitted in XDP_REDIRECT (e.g. due to a full queue), it is necessary to free it by calling xdp_return_frame_rx_napi. However, this is | ||
| CVE-2024-26843 | — | < 4.18.0-553.16.1.rt7.357.el8_10 | 4.18.0-553.16.1.rt7.357.el8_10 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: efi: runtime: Fix potential overflow of soft-reserved region size md_size will have been narrowed if we have >= 4GB worth of pages in a soft-reserved region. | ||
| CVE-2024-26828 | — | < 5.14.0-427.31.1.el9_4 | 5.14.0-427.31.1.el9_4 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the size_left is greater than the minimum size we need. However, the problem is that "b | ||
| CVE-2024-26826 | — | < 4.18.0-553.8.1.rt7.349.el8_10 | 4.18.0-553.8.1.rt7.349.el8_10 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data re-injection from stale subflow When the MPTCP PM detects that a subflow is stale, all the packet scheduler must re-inject all the mptcp-level unacked data. To avoid acquiring unneeded locks, it | ||
| CVE-2021-47185 | — | < 4.18.0-553.5.1.rt7.346.el8_10 | 4.18.0-553.5.1.rt7.346.el8_10 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc When running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup, which look like this one: Workqueue: events_unbound | ||
| CVE-2024-26810 | Med | 4.4 | < 5.14.0-427.33.1.el9_4 | 5.14.0-427.33.1.el9_4 | Apr 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops Mask operations through config space changes to DisINTx may race INTx configuration changes via ioctl. Create wrappers that add locking for paths outside of the core in | |
| CVE-2024-26808 | — | < 5.14.0-427.31.1.el9_4 | 5.14.0-427.31.1.el9_4 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevic | ||
| CVE-2024-26804 | — | < 5.14.0-427.18.1.el9_4 | 5.14.0-427.18.1.el9_4 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr |
- affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10
In the Linux kernel, the following vulnerability has been resolved: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() After unregistering the CPU idle device, the memory associated with it is not freed, leading to a memory leak: unreferenced object 0xffff896
- affected < 5.14.0-427.28.1.el9_4fixed 5.14.0-427.28.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: dm: call the resume method on internal suspend There is this reported crash when experimenting with the lvm2 testsuite. The list corruption is caused by the fact that the postsuspend and resume methods were not
- affected < 4.18.0-553.16.1.rt7.357.el8_10fixed 4.18.0-553.16.1.rt7.357.el8_10
In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference Below race may cause NULL pointer dereference P1 P2 dquot_free_inode quota_off drop_dquot_ref remove_dquot_ref dquots = i_dquot(inode)
- affected < 4.18.0-553.5.1.rt7.346.el8_10fixed 4.18.0-553.5.1.rt7.346.el8_10
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions, KASAN reports a use-after-free Write in srpt_refresh_port(). This seems to be because an event handler is register
- affected < 4.18.0-553.16.1.rt7.357.el8_10fixed 4.18.0-553.16.1.rt7.357.el8_10
In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 A call to listxattr() with a buffer size = 0 returns the actual size of the buffer needed for a subsequent call. When size > 0, nfs4_listxattr() does
- affected < 4.18.0-553.8.1.rt7.349.el8_10fixed 4.18.0-553.8.1.rt7.349.el8_10
In the Linux kernel, the following vulnerability has been resolved: net/bnx2x: Prevent access to a freed page in page_pool Fix race condition leading to system crash during EEH error handling During EEH error recovery, the bnx2x driver's transmit timeout logic could cause a ra
- affected < 5.14.0-427.33.1.el9_4fixed 5.14.0-427.33.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() The function ice_bridge_setlink() may encounter a NULL pointer dereference if nlmsg_find_attr() returns NULL and br_spec is dereferenced
- affected < 5.14.0-427.28.1.el9_4fixed 5.14.0-427.28.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found another use-after-free in ip6_route_mpath_notify() [1] Commit f7225172f25a ("net/ipv6: prevent use after free in ip6_route_mpath_notify") w
- affected < 4.18.0-553.27.1.rt7.368.el8_10fixed 4.18.0-553.27.1.rt7.368.el8_10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: Add protection for bmp length out of range UBSAN load reports an exception of BRK#5515 SHIFT_ISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux get_bitmap(
- CVE-2024-26886Apr 17, 2024affected < 5.14.0-427.35.1.el9_4fixed 5.14.0-427.35.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock Attemting to do sock_lock on .recvmsg may cause a deadlock as shown bellow, so instead of using sock_sock this uses sk_receive_queue.lock on bt_sock_ioctl to avoid the UAF:
- CVE-2024-26868Apr 17, 2024affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: nfs: fix panic when nfs4_ff_layout_prepare_ds() fails We've been seeing the following panic in production BUG: kernel NULL pointer dereference, address: 0000000000000065 PGD 2f485f067 P4D 2f485f067 PUD 2cc5d80
- CVE-2024-26858Apr 17, 2024affected < 5.14.0-427.26.1.el9_4fixed 5.14.0-427.26.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map Just simply reordering the functions mlx5e_ptp_metadata_map_put and mlx5e_ptpsq_track_metadata
- CVE-2024-26853Apr 17, 2024affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: igc: avoid returning frame twice in XDP_REDIRECT When a frame can not be transmitted in XDP_REDIRECT (e.g. due to a full queue), it is necessary to free it by calling xdp_return_frame_rx_napi. However, this is
- CVE-2024-26843Apr 17, 2024affected < 4.18.0-553.16.1.rt7.357.el8_10fixed 4.18.0-553.16.1.rt7.357.el8_10
In the Linux kernel, the following vulnerability has been resolved: efi: runtime: Fix potential overflow of soft-reserved region size md_size will have been narrowed if we have >= 4GB worth of pages in a soft-reserved region.
- CVE-2024-26828Apr 17, 2024affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the size_left is greater than the minimum size we need. However, the problem is that "b
- CVE-2024-26826Apr 17, 2024affected < 4.18.0-553.8.1.rt7.349.el8_10fixed 4.18.0-553.8.1.rt7.349.el8_10
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data re-injection from stale subflow When the MPTCP PM detects that a subflow is stale, all the packet scheduler must re-inject all the mptcp-level unacked data. To avoid acquiring unneeded locks, it
- CVE-2021-47185Apr 10, 2024affected < 4.18.0-553.5.1.rt7.346.el8_10fixed 4.18.0-553.5.1.rt7.346.el8_10
In the Linux kernel, the following vulnerability has been resolved: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc When running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup, which look like this one: Workqueue: events_unbound
- affected < 5.14.0-427.33.1.el9_4fixed 5.14.0-427.33.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops Mask operations through config space changes to DisINTx may race INTx configuration changes via ioctl. Create wrappers that add locking for paths outside of the core in
- CVE-2024-26808Apr 4, 2024affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevic
- CVE-2024-26804Apr 4, 2024affected < 5.14.0-427.18.1.el9_4fixed 5.14.0-427.18.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth syzkaller triggered following kasan splat: BUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170 Read of size 1 at addr
Page 40 of 54