Rocky Linux: RXSA-2024:4928 kernel security update Security Advisories Updates
Summary
An update is available for kernel. This update affects Rocky Linux SIG Cloud 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned (CVE-2023-52458) * kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (CVE-2024-26773) * kernel: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel (CVE-2024-26737) * kernel: dm: call the resume method on internal suspend (CVE-2024-26880) * kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852) * kernel: Squashfs: check the inode number is not the invalid value of zero (CVE-2024-26982) * kernel: nfp: flower: handle acti_netdevs allocation failure (CVE-2024-27046) * kernel: octeontx2-af: Use separate handlers for interrupts (CVE-2024-27030) * kernel: icmp: prevent possible NULL dereferences from icmp_build_probe() (CVE-2024-35857) * kernel: mlxbf_gige: call request_irq() after NAPI initialized (CVE-2024-35907) * kernel: mlxbf_gige: stop interface during shutdown (CVE-2024-35885) * kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (CVE-2023-52809) * kernel: can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (CVE-2021-47459) * kernel: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (CVE-2024-36924) * kernel: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (CVE-2024-36952) * kernel: net: amd-xgbe: Fix skb data length underflow (CVE-2022-48743) * kernel: epoll: be better about file lifetimes (CVE-2024-38580) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
RPMs
bpftool-0:7.3.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
bpftool-0:7.3.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
bpftool-debuginfo-0:7.3.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
bpftool-debuginfo-0:7.3.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-0:5.14.0-427.28.1.el9_4.cloud.1.0.src.rpm
kernel-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-abi-stablelists-0:5.14.0-427.28.1.el9_4.cloud.1.0.noarch.rpm
kernel-core-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-core-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-cross-headers-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-cross-headers-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-debug-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-debug-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-debug-core-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-debug-core-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-debug-debuginfo-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-debug-debuginfo-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-debug-devel-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-debug-devel-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-debug-devel-matched-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-debug-devel-matched-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-debuginfo-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-debuginfo-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-debug-modules-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-debug-modules-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-debug-modules-core-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-debug-modules-core-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-debug-modules-extra-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-debug-modules-extra-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-devel-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-devel-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-devel-matched-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-devel-matched-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-doc-0:5.14.0-427.28.1.el9_4.cloud.1.0.noarch.rpm
kernel-headers-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-headers-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-modules-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-modules-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-modules-core-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-modules-core-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-modules-extra-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-modules-extra-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-tools-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-tools-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-tools-debuginfo-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-tools-debuginfo-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-tools-libs-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-tools-libs-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
kernel-tools-libs-devel-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
kernel-tools-libs-devel-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
perf-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
perf-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
perf-debuginfo-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
perf-debuginfo-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
python3-perf-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
python3-perf-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
python3-perf-debuginfo-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
python3-perf-debuginfo-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
rtla-0:5.14.0-427.28.1.el9_4.cloud.1.0.aarch64.rpm
rtla-0:5.14.0-427.28.1.el9_4.cloud.1.0.x86_64.rpm
References
No References
CVEs
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47459
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48743
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52458
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52809
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26737
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26773
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26880
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26982
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27030
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27046
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35857
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35885
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35907
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36924
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36952
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38580
Fixes
https://bugzilla.redhat.com/show_bug.cgi?id=2265794
https://bugzilla.redhat.com/show_bug.cgi?id=2273236
https://bugzilla.redhat.com/show_bug.cgi?id=2273274
https://bugzilla.redhat.com/show_bug.cgi?id=2275690
https://bugzilla.redhat.com/show_bug.cgi?id=2275761
https://bugzilla.redhat.com/show_bug.cgi?id=2278337
https://bugzilla.redhat.com/show_bug.cgi?id=2278435
https://bugzilla.redhat.com/show_bug.cgi?id=2278473
https://bugzilla.redhat.com/show_bug.cgi?id=2281247
https://bugzilla.redhat.com/show_bug.cgi?id=2281647
https://bugzilla.redhat.com/show_bug.cgi?id=2281700
https://bugzilla.redhat.com/show_bug.cgi?id=2282669
https://bugzilla.redhat.com/show_bug.cgi?id=2282898
https://bugzilla.redhat.com/show_bug.cgi?id=2284506
https://bugzilla.redhat.com/show_bug.cgi?id=2284598
https://bugzilla.redhat.com/show_bug.cgi?id=2293316
https://bugzilla.redhat.com/show_bug.cgi?id=2293412