rpm package
almalinux/kernel-zfcpdump-devel
pkg:rpm/almalinux/kernel-zfcpdump-devel
Vulnerabilities (1,185)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-21823 | Hig | 7.5 | < 4.18.0-553.16.1.el8_10 | 4.18.0-553.16.1.el8_10 | May 16, 2024 | Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalation of privilege local access | |
| CVE-2024-25743 | Hig | 7.1 | < 5.14.0-427.16.1.el9_4 | 5.14.0-427.16.1.el9_4 | May 15, 2024 | In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES. | |
| CVE-2024-27397 | Hig | 7.0 | < 5.14.0-427.26.1.el9_4 | 5.14.0-427.26.1.el9_4 | May 14, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate | |
| CVE-2024-27399 | — | < 4.18.0-553.30.1.el8_10 | 4.18.0-553.30.1.el8_10 | May 13, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout There is a race condition between l2cap_chan_timeout() and l2cap_chan_del(). When we use l2cap_chan_del() to delete the channel, the chan->conn will be | ||
| CVE-2024-27393 | — | < 5.14.0-427.24.1.el9_4 | 5.14.0-427.24.1.el9_4 | May 9, 2024 | In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Add missing skb_mark_for_recycle Notice that skb_mark_for_recycle() is introduced later than fixes tag in commit 6a5bcd84e886 ("page_pool: Allow drivers to hint on SKB recycling"). It is believed | ||
| CVE-2024-27065 | Hig | 7.8 | < 5.14.0-427.31.1.el9_4 | 5.14.0-427.31.1.el9_4 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify flags. | |
| CVE-2024-27059 | Med | 5.5 | < 4.18.0-553.5.1.el8_10 | 4.18.0-553.5.1.el8_10 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command The isd200 sub-driver in usb-storage uses the HEADS and SECTORS values in the ATA ID information to calculate cylinder and head values when crea | |
| CVE-2024-27052 | Hig | 7.4 | < 5.14.0-427.31.1.el9_4 | 5.14.0-427.31.1.el9_4 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work The workqueue might still be running, when the driver is stopped. To avoid a use-after-free, call cancel_work_sync() in rtl8xxxu_stop(). | |
| CVE-2023-52653 | — | < 4.18.0-553.16.1.el8_10 | 4.18.0-553.16.1.el8_10 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gss_import_v2_context The ctx->mech_used.data allocated by kmemdup is not freed in neither gss_import_v2_context nor it only caller gss_krb5_import_sec_context, which frees ctx on error | ||
| CVE-2022-48669 | — | < 4.18.0-553.5.1.el8_10 | 4.18.0-553.5.1.el8_10 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix potential memleak in papr_get_attr() `buf` is allocated in papr_get_attr(), and krealloc() of `buf` could fail. We need to free the original `buf` in the case of failure. | ||
| CVE-2024-27062 | — | < 4.18.0-553.27.1.el8_10 | 4.18.0-553.27.1.el8_10 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306 | ||
| CVE-2024-27049 | — | < 5.14.0-427.31.1.el9_4 | 5.14.0-427.31.1.el9_4 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to make sure the shared irq handler should be able to handle the unexpected event af | ||
| CVE-2024-27046 | — | < 5.14.0-427.28.1.el9_4 | 5.14.0-427.28.1.el9_4 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handle acti_netdevs allocation failure The kmalloc_array() in nfp_fl_lag_do_work() will return null, if the physical memory has run out. As a result, if we dereference the acti_netdevs, the null po | ||
| CVE-2024-27043 | — | < 4.18.0-553.30.1.el8_10 | 4.18.0-553.30.1.el8_10 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, *pdvbdev is not set to NULL after dvbdev's deallocatio | ||
| CVE-2024-27030 | — | < 5.14.0-427.28.1.el9_4 | 5.14.0-427.28.1.el9_4 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts For PF to AF interrupt vector and VF to AF vector same interrupt handler is registered which is causing race condition. When two interrupts are raised to two C | ||
| CVE-2024-27022 | Hig | 7.8 | < 5.14.0-427.37.1.el9_4 | 5.14.0-427.37.1.el9_4 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald reported a WARNING [1]. And the root cause is below race: CPU 1 CPU 2 fork hugetlbfs_fallocate dup_mmap hugetlbfs_punch_hole | |
| CVE-2024-27020 | Hig | 7.0 | < 5.14.0-427.33.1.el9_4 | 5.14.0-427.33.1.el9_4 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions li | |
| CVE-2024-27013 | Med | 5.5 | < 4.18.0-553.22.1.el8_10 | 4.18.0-553.22.1.el8_10 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhost_worker will call tun call backs to receive packets. If too many illegal packets arrives, tun_do_read will keep dumping packet contents. Whe | |
| CVE-2024-26993 | Med | 5.5 | < 4.18.0-553.5.1.el8_10 | 4.18.0-553.5.1.el8_10 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fix reference leak in sysfs_break_active_protection() The sysfs_break_active_protection() routine has an obvious reference leak in its error path. If the call to kernfs_find_and_get() fails then kn | |
| CVE-2024-26982 | Hig | 7.1 | < 5.14.0-427.28.1.el9_4 | 5.14.0-427.28.1.el9_4 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out of bounds access in fill_meta_index(). That out of bounds access is ultimately caused because the inode has an in |
- affected < 4.18.0-553.16.1.el8_10fixed 4.18.0-553.16.1.el8_10
Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalation of privilege local access
- affected < 5.14.0-427.16.1.el9_4fixed 5.14.0-427.16.1.el9_4
In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES.
- affected < 5.14.0-427.26.1.el9_4fixed 5.14.0-427.26.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate
- CVE-2024-27399May 13, 2024affected < 4.18.0-553.30.1.el8_10fixed 4.18.0-553.30.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout There is a race condition between l2cap_chan_timeout() and l2cap_chan_del(). When we use l2cap_chan_del() to delete the channel, the chan->conn will be
- CVE-2024-27393May 9, 2024affected < 5.14.0-427.24.1.el9_4fixed 5.14.0-427.24.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Add missing skb_mark_for_recycle Notice that skb_mark_for_recycle() is introduced later than fixes tag in commit 6a5bcd84e886 ("page_pool: Allow drivers to hint on SKB recycling"). It is believed
- affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify flags.
- affected < 4.18.0-553.5.1.el8_10fixed 4.18.0-553.5.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command The isd200 sub-driver in usb-storage uses the HEADS and SECTORS values in the ATA ID information to calculate cylinder and head values when crea
- affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work The workqueue might still be running, when the driver is stopped. To avoid a use-after-free, call cancel_work_sync() in rtl8xxxu_stop().
- CVE-2023-52653May 1, 2024affected < 4.18.0-553.16.1.el8_10fixed 4.18.0-553.16.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gss_import_v2_context The ctx->mech_used.data allocated by kmemdup is not freed in neither gss_import_v2_context nor it only caller gss_krb5_import_sec_context, which frees ctx on error
- CVE-2022-48669May 1, 2024affected < 4.18.0-553.5.1.el8_10fixed 4.18.0-553.5.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix potential memleak in papr_get_attr() `buf` is allocated in papr_get_attr(), and krealloc() of `buf` could fail. We need to free the original `buf` in the case of failure.
- CVE-2024-27062May 1, 2024affected < 4.18.0-553.27.1.el8_10fixed 4.18.0-553.27.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306
- CVE-2024-27049May 1, 2024affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to make sure the shared irq handler should be able to handle the unexpected event af
- CVE-2024-27046May 1, 2024affected < 5.14.0-427.28.1.el9_4fixed 5.14.0-427.28.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handle acti_netdevs allocation failure The kmalloc_array() in nfp_fl_lag_do_work() will return null, if the physical memory has run out. As a result, if we dereference the acti_netdevs, the null po
- CVE-2024-27043May 1, 2024affected < 4.18.0-553.30.1.el8_10fixed 4.18.0-553.30.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, *pdvbdev is not set to NULL after dvbdev's deallocatio
- CVE-2024-27030May 1, 2024affected < 5.14.0-427.28.1.el9_4fixed 5.14.0-427.28.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts For PF to AF interrupt vector and VF to AF vector same interrupt handler is registered which is causing race condition. When two interrupts are raised to two C
- affected < 5.14.0-427.37.1.el9_4fixed 5.14.0-427.37.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald reported a WARNING [1]. And the root cause is below race: CPU 1 CPU 2 fork hugetlbfs_fallocate dup_mmap hugetlbfs_punch_hole
- affected < 5.14.0-427.33.1.el9_4fixed 5.14.0-427.33.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions li
- affected < 4.18.0-553.22.1.el8_10fixed 4.18.0-553.22.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhost_worker will call tun call backs to receive packets. If too many illegal packets arrives, tun_do_read will keep dumping packet contents. Whe
- affected < 4.18.0-553.5.1.el8_10fixed 4.18.0-553.5.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fix reference leak in sysfs_break_active_protection() The sysfs_break_active_protection() routine has an obvious reference leak in its error path. If the call to kernfs_find_and_get() fails then kn
- affected < 5.14.0-427.28.1.el9_4fixed 5.14.0-427.28.1.el9_4
In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out of bounds access in fill_meta_index(). That out of bounds access is ultimately caused because the inode has an in
Page 40 of 60