rpm package
almalinux/kernel-rt-kvm
pkg:rpm/almalinux/kernel-rt-kvm
Vulnerabilities (523)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-52513 | — | < 4.18.0-553.5.1.rt7.346.el8_10 | 4.18.0-553.5.1.rt7.346.el8_10 | Mar 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix connection failure handling In case immediate MPA request processing fails, the newly created endpoint unlinks the listening endpoint and is ready to be dropped. This special case was not handled | ||
| CVE-2022-48627 | — | < 4.18.0-553.5.1.rt7.346.el8_10 | 4.18.0-553.5.1.rt7.346.el8_10 | Mar 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scr_memcpyw is optimized to m | ||
| CVE-2021-47073 | — | < 4.18.0-553.8.1.rt7.349.el8_10 | 4.18.0-553.8.1.rt7.349.el8_10 | Mar 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios init_dell_smbios_wmi() only registers the dell_smbios_wmi_driver on systems where the Dell WMI interface is supported. While exit_dell_smbios_wmi() u | ||
| CVE-2021-47069 | — | < 4.18.0-553.8.1.rt7.349.el8_10 | 4.18.0-553.8.1.rt7.349.el8_10 | Mar 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry do_mq_timedreceive calls wq_sleep with a stack local address. The sender (do_mq_timedsend) uses this address to later call pipelined_sen | ||
| CVE-2021-47055 | — | < 4.18.0-553.5.1.rt7.346.el8_10 | 4.18.0-553.5.1.rt7.346.el8_10 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: mtd: require write permissions for locking and badblock ioctls MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require write permission. Depending on the hardware MEMLOCK might even be write-once, e | ||
| CVE-2024-26615 | — | < 4.18.0-553.5.1.rt7.346.el8_10 | 4.18.0-553.5.1.rt7.346.el8_10 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smc_run nginx smc_run wrk -t 1 | ||
| CVE-2024-26614 | — | < 4.18.0-553.16.1.rt7.357.el8_10 | 4.18.0-553.16.1.rt7.357.el8_10 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU: | ||
| CVE-2023-52478 | — | < 4.18.0-553.22.1.rt7.363.el8_10 | 4.18.0-553.22.1.rt7.363.el8_10 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect hidpp_connect_event() has *four* time-of-check vs time-of-use (TOCTOU) races when it races with itself. hidpp_connect_event() primarily runs fro | ||
| CVE-2023-52477 | — | < 4.18.0-553.5.1.rt7.346.el8_10 | 4.18.0-553.5.1.rt7.346.el8_10 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to uninitialized BOS descriptors Many functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h access fields inside udev->bos without checking if it was allocated and init | ||
| CVE-2023-52476 | — | < 4.18.0-553.22.1.rt7.363.el8_10 | 4.18.0-553.22.1.rt7.363.el8_10 | Feb 29, 2024 | In the Linux kernel, the following vulnerability has been resolved: perf/x86/lbr: Filter vsyscall addresses We found that a panic can occur when a vsyscall is made while LBR sampling is active. If the vsyscall is interrupted (NMI) for perf sampling, this call sequence can occur | ||
| CVE-2021-46984 | — | < 4.18.0-553.22.1.rt7.363.el8_10 | 4.18.0-553.22.1.rt7.363.el8_10 | Feb 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted __blk_mq_sched_bio_merge() gets the ctx and hctx for the current CPU and passes the hctx to ->bio_merge(). kyber_bio_merge() then gets the ctx for the current CPU | ||
| CVE-2021-46972 | — | < 4.18.0-553.8.1.rt7.349.el8_10 | 4.18.0-553.8.1.rt7.349.el8_10 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: ovl: fix leaked dentry Since commit 6815f479ca90 ("ovl: use only uppermetacopy state in ovl_lookup()"), overlayfs doesn't put temporary dentry when there is a metacopy error, which leads to dentry leaks when sh | ||
| CVE-2021-46939 | — | < 4.18.0-553.16.1.rt7.357.el8_10 | 4.18.0-553.16.1.rt7.357.el8_10 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure trace_clock_global() to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume testing. The following back | ||
| CVE-2020-36777 | — | < 4.18.0-553.5.1.rt7.346.el8_10 | 4.18.0-553.5.1.rt7.346.el8_10 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: Fix memory leak in dvb_media_device_free() dvb_media_device_free() is leaking memory. Free `dvbdev->adapter->conn` before setting it to NULL, as documented in include/media/media-device.h: "The m | ||
| CVE-2021-46934 | — | < 4.18.0-553.5.1.rt7.346.el8_10 | 4.18.0-553.5.1.rt7.346.el8_10 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2c_transfer(), ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data i | ||
| CVE-2021-46909 | — | < 4.18.0-553.8.1.rt7.349.el8_10 | 4.18.0-553.8.1.rt7.349.el8_10 | Feb 27, 2024 | In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI interrupt mapping Since commit 30fdfb929e82 ("PCI: Add a call to pci_assign_irq() in pci_device_probe()"), the PCI code will call the IRQ mapping function whenever a PCI driver is probe | ||
| CVE-2019-25162 | — | < 4.18.0-553.5.1.rt7.346.el8_10 | 4.18.0-553.5.1.rt7.346.el8_10 | Feb 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the put_device() down a bit to avoid the use after free. [wsa: added comment to the code, adde | ||
| CVE-2024-26603 | — | < 4.18.0-553.5.1.rt7.346.el8_10 | 4.18.0-553.5.1.rt7.346.el8_10 | Feb 24, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Stop relying on userspace for info to fault in xsave buffer Before this change, the expected size of the user space buffer was taken from fx_sw->xstate_size. fx_sw->xstate_size can be changed from user | ||
| CVE-2024-26595 | — | < 4.18.0-553.22.1.rt7.363.el8_10 | 4.18.0-553.22.1.rt7.363.el8_10 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer | ||
| CVE-2023-52464 | — | < 4.18.0-553.8.1.rt7.349.el8_10 | 4.18.0-553.8.1.rt7.349.el8_10 | Feb 23, 2024 | In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function 'thunderx |
- CVE-2023-52513Mar 2, 2024affected < 4.18.0-553.5.1.rt7.346.el8_10fixed 4.18.0-553.5.1.rt7.346.el8_10
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix connection failure handling In case immediate MPA request processing fails, the newly created endpoint unlinks the listening endpoint and is ready to be dropped. This special case was not handled
- CVE-2022-48627Mar 2, 2024affected < 4.18.0-553.5.1.rt7.346.el8_10fixed 4.18.0-553.5.1.rt7.346.el8_10
In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scr_memcpyw is optimized to m
- CVE-2021-47073Mar 1, 2024affected < 4.18.0-553.8.1.rt7.349.el8_10fixed 4.18.0-553.8.1.rt7.349.el8_10
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios init_dell_smbios_wmi() only registers the dell_smbios_wmi_driver on systems where the Dell WMI interface is supported. While exit_dell_smbios_wmi() u
- CVE-2021-47069Mar 1, 2024affected < 4.18.0-553.8.1.rt7.349.el8_10fixed 4.18.0-553.8.1.rt7.349.el8_10
In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry do_mq_timedreceive calls wq_sleep with a stack local address. The sender (do_mq_timedsend) uses this address to later call pipelined_sen
- CVE-2021-47055Feb 29, 2024affected < 4.18.0-553.5.1.rt7.346.el8_10fixed 4.18.0-553.5.1.rt7.346.el8_10
In the Linux kernel, the following vulnerability has been resolved: mtd: require write permissions for locking and badblock ioctls MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require write permission. Depending on the hardware MEMLOCK might even be write-once, e
- CVE-2024-26615Feb 29, 2024affected < 4.18.0-553.5.1.rt7.346.el8_10fixed 4.18.0-553.5.1.rt7.346.el8_10
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smc_run nginx smc_run wrk -t 1
- CVE-2024-26614Feb 29, 2024affected < 4.18.0-553.16.1.rt7.357.el8_10fixed 4.18.0-553.16.1.rt7.357.el8_10
In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU:
- CVE-2023-52478Feb 29, 2024affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10
In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect hidpp_connect_event() has *four* time-of-check vs time-of-use (TOCTOU) races when it races with itself. hidpp_connect_event() primarily runs fro
- CVE-2023-52477Feb 29, 2024affected < 4.18.0-553.5.1.rt7.346.el8_10fixed 4.18.0-553.5.1.rt7.346.el8_10
In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to uninitialized BOS descriptors Many functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h access fields inside udev->bos without checking if it was allocated and init
- CVE-2023-52476Feb 29, 2024affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10
In the Linux kernel, the following vulnerability has been resolved: perf/x86/lbr: Filter vsyscall addresses We found that a panic can occur when a vsyscall is made while LBR sampling is active. If the vsyscall is interrupted (NMI) for perf sampling, this call sequence can occur
- CVE-2021-46984Feb 28, 2024affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10
In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted __blk_mq_sched_bio_merge() gets the ctx and hctx for the current CPU and passes the hctx to ->bio_merge(). kyber_bio_merge() then gets the ctx for the current CPU
- CVE-2021-46972Feb 27, 2024affected < 4.18.0-553.8.1.rt7.349.el8_10fixed 4.18.0-553.8.1.rt7.349.el8_10
In the Linux kernel, the following vulnerability has been resolved: ovl: fix leaked dentry Since commit 6815f479ca90 ("ovl: use only uppermetacopy state in ovl_lookup()"), overlayfs doesn't put temporary dentry when there is a metacopy error, which leads to dentry leaks when sh
- CVE-2021-46939Feb 27, 2024affected < 4.18.0-553.16.1.rt7.357.el8_10fixed 4.18.0-553.16.1.rt7.357.el8_10
In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure trace_clock_global() to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume testing. The following back
- CVE-2020-36777Feb 27, 2024affected < 4.18.0-553.5.1.rt7.346.el8_10fixed 4.18.0-553.5.1.rt7.346.el8_10
In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: Fix memory leak in dvb_media_device_free() dvb_media_device_free() is leaking memory. Free `dvbdev->adapter->conn` before setting it to NULL, as documented in include/media/media-device.h: "The m
- CVE-2021-46934Feb 27, 2024affected < 4.18.0-553.5.1.rt7.346.el8_10fixed 4.18.0-553.5.1.rt7.346.el8_10
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2c_transfer(), ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data i
- CVE-2021-46909Feb 27, 2024affected < 4.18.0-553.8.1.rt7.349.el8_10fixed 4.18.0-553.8.1.rt7.349.el8_10
In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI interrupt mapping Since commit 30fdfb929e82 ("PCI: Add a call to pci_assign_irq() in pci_device_probe()"), the PCI code will call the IRQ mapping function whenever a PCI driver is probe
- CVE-2019-25162Feb 26, 2024affected < 4.18.0-553.5.1.rt7.346.el8_10fixed 4.18.0-553.5.1.rt7.346.el8_10
In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the put_device() down a bit to avoid the use after free. [wsa: added comment to the code, adde
- CVE-2024-26603Feb 24, 2024affected < 4.18.0-553.5.1.rt7.346.el8_10fixed 4.18.0-553.5.1.rt7.346.el8_10
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Stop relying on userspace for info to fault in xsave buffer Before this change, the expected size of the user space buffer was taken from fx_sw->xstate_size. fx_sw->xstate_size can be changed from user
- CVE-2024-26595Feb 23, 2024affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer
- CVE-2023-52464Feb 23, 2024affected < 4.18.0-553.8.1.rt7.349.el8_10fixed 4.18.0-553.8.1.rt7.349.el8_10
In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function 'thunderx
Page 19 of 27