CVSS2
Attack Vector: ADJACENT_NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: NONE
AV:A/AC:L/Au:N/C:P/I:P/A:N

CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score
Confidence: High

EPSS
Percentile: 26.2%

The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack (CVE-2020-26555)
kernel: TCP-spoofed ghost ACKs and leak initial sequence number (CVE-2023-52881, RHV-2024-1001)
kernel: ovl: fix leaked entry (CVE-2021-46972)
kernel: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (CVE-2021-47073)
kernel: gro: fix ownership transfer (CVE-2024-35890)
kernel: tls: (CVE-2024-26584, CVE-2024-26583, CVE-2024-26585)
kernel: wifi: (CVE-2024-35789, CVE-2024-27410, CVE-2024-35838, CVE-2024-35845)
kernel: mlxsw: (CVE-2024-35855, CVE-2024-35854, CVE-2024-35853, CVE-2024-35852, CVE-2024-36007)
kernel: PCI interrupt mapping cause oops [rhel-8] (CVE-2021-46909)
kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry (CVE-2021-47069)
kernel: hwrng: core - Fix page fault dead lock on mmap-ed hwrng [rhel-8] (CVE-2023-52615)
kernel: net/mlx5e: (CVE-2023-52626, CVE-2024-35835, CVE-2023-52667, CVE-2024-35959)
kernel: drm/amdgpu: use-after-free vulnerability (CVE-2024-26656)
kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset [rhel-8] (CVE-2024-26801)
kernel: Squashfs: check the inode number is not the invalid value of zero (CVE-2024-26982)
kernel: netfilter: nf_tables: use timestamp to check for set element timeout [rhel-8.10] (CVE-2024-27397)
kernel: mm/damon/vaddr-test: memory leak in damon_do_test_apply_three_regions() (CVE-2023-52560)
kernel: ppp_async: limit MRU to 64K (CVE-2024-26675)
kernel: x86/mm/swap: (CVE-2024-26759, CVE-2024-26906)
kernel: tipc: fix kernel warning when sending SYN message [rhel-8] (CVE-2023-52700)
kernel: RDMA/mlx5: Fix fortify source warning while accessing Eth segment (CVE-2024-26907)
kernel: erspan: make sure erspan_base_hdr is present in skb->head (CVE-2024-35888)
kernel: powerpc/imc-pmu/powernv: (CVE-2023-52675, CVE-2023-52686)
kernel: KVM: SVM: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs (CVE-2023-5090)
kernel: EDAC/thunderx: Incorrect buffer size in drivers/edac/thunderx_edac.c (CVE-2023-52464)
kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref (CVE-2024-26735)
kernel: mptcp: fix data re-injection from stale subflow (CVE-2024-26826)
kernel: crypto: (CVE-2024-26974, CVE-2023-52669, CVE-2023-52813)
kernel: net/mlx5/bnx2x/usb: (CVE-2024-35960, CVE-2024-35958, CVE-2021-47310, CVE-2024-26804, CVE-2021-47311, CVE-2024-26859, CVE-2021-47236, CVE-2023-52703)
kernel: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (CVE-2024-36004)
kernel: perf/core: Bail out early if the request AUX area is out of bound (CVE-2023-52835)
kernel: USB/usbnet: (CVE-2023-52781, CVE-2023-52877, CVE-2021-47495)
kernel: can: (CVE-2023-52878, CVE-2021-47456)
kernel: mISDN: fix possible use-after-free in HFC_cleanup() (CVE-2021-47356)
kernel: udf: Fix NULL pointer dereference in udf_symlink function (CVE-2021-47353)
Bug Fix(es):
Kernel panic - kernel BUG at mm/slub.c:376! (JIRA:Rocky Linux-29783)
Temporary values in FIPS integrity test should be zeroized [rhel-8.10.z] (JIRA:Rocky Linux-35361)
Rocky Linux8.6 - kernel: s390/cpum_cf: make crypto counters upward compatible (JIRA:Rocky Linux-36048)
[Rocky Linux8] blktests block/024 failed (JIRA:Rocky Linux-8130)
Rocky Linux8.9: EEH injections results Error: Power fault on Port 0 and other call traces(Everest/1050/Shiner) (JIRA:Rocky Linux-14195)
Latency spikes with Matrox G200 graphic cards (JIRA:Rocky Linux-36172)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
bugzilla.redhat.com/show_bug.cgi?id=1918601
bugzilla.redhat.com/show_bug.cgi?id=2248122
bugzilla.redhat.com/show_bug.cgi?id=2258875
bugzilla.redhat.com/show_bug.cgi?id=2265517
bugzilla.redhat.com/show_bug.cgi?id=2265519
bugzilla.redhat.com/show_bug.cgi?id=2265520
bugzilla.redhat.com/show_bug.cgi?id=2265800
bugzilla.redhat.com/show_bug.cgi?id=2266408
bugzilla.redhat.com/show_bug.cgi?id=2266831
bugzilla.redhat.com/show_bug.cgi?id=2267513
bugzilla.redhat.com/show_bug.cgi?id=2267518
bugzilla.redhat.com/show_bug.cgi?id=2267730
bugzilla.redhat.com/show_bug.cgi?id=2270093
bugzilla.redhat.com/show_bug.cgi?id=2271680
bugzilla.redhat.com/show_bug.cgi?id=2272692
bugzilla.redhat.com/show_bug.cgi?id=2272829
bugzilla.redhat.com/show_bug.cgi?id=2273204
bugzilla.redhat.com/show_bug.cgi?id=2273278
bugzilla.redhat.com/show_bug.cgi?id=2273423
bugzilla.redhat.com/show_bug.cgi?id=2273429
bugzilla.redhat.com/show_bug.cgi?id=2275604
bugzilla.redhat.com/show_bug.cgi?id=2275633
bugzilla.redhat.com/show_bug.cgi?id=2275635
bugzilla.redhat.com/show_bug.cgi?id=2275733
bugzilla.redhat.com/show_bug.cgi?id=2278337
bugzilla.redhat.com/show_bug.cgi?id=2278354
bugzilla.redhat.com/show_bug.cgi?id=2280434
bugzilla.redhat.com/show_bug.cgi?id=2281057
bugzilla.redhat.com/show_bug.cgi?id=2281113
bugzilla.redhat.com/show_bug.cgi?id=2281157
bugzilla.redhat.com/show_bug.cgi?id=2281165
bugzilla.redhat.com/show_bug.cgi?id=2281251
bugzilla.redhat.com/show_bug.cgi?id=2281253
bugzilla.redhat.com/show_bug.cgi?id=2281255
bugzilla.redhat.com/show_bug.cgi?id=2281257
bugzilla.redhat.com/show_bug.cgi?id=2281272
bugzilla.redhat.com/show_bug.cgi?id=2281311
bugzilla.redhat.com/show_bug.cgi?id=2281334
bugzilla.redhat.com/show_bug.cgi?id=2281346
bugzilla.redhat.com/show_bug.cgi?id=2281350
bugzilla.redhat.com/show_bug.cgi?id=2281689
bugzilla.redhat.com/show_bug.cgi?id=2281693
bugzilla.redhat.com/show_bug.cgi?id=2281920
bugzilla.redhat.com/show_bug.cgi?id=2281923
bugzilla.redhat.com/show_bug.cgi?id=2281925
bugzilla.redhat.com/show_bug.cgi?id=2281953
bugzilla.redhat.com/show_bug.cgi?id=2281986
bugzilla.redhat.com/show_bug.cgi?id=2282394
bugzilla.redhat.com/show_bug.cgi?id=2282400
bugzilla.redhat.com/show_bug.cgi?id=2282471
bugzilla.redhat.com/show_bug.cgi?id=2282472
bugzilla.redhat.com/show_bug.cgi?id=2282581
bugzilla.redhat.com/show_bug.cgi?id=2282609
bugzilla.redhat.com/show_bug.cgi?id=2282612
bugzilla.redhat.com/show_bug.cgi?id=2282653
bugzilla.redhat.com/show_bug.cgi?id=2282680
bugzilla.redhat.com/show_bug.cgi?id=2282698
bugzilla.redhat.com/show_bug.cgi?id=2282712
bugzilla.redhat.com/show_bug.cgi?id=2282735
bugzilla.redhat.com/show_bug.cgi?id=2282902
bugzilla.redhat.com/show_bug.cgi?id=2282920
errata.rockylinux.org/RLSA-2024:4211