CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
16.7%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (CVE-2023-52626)
kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset (CVE-2024-26801)
kernel: crypto: qat - resolve race condition during AER recovery (CVE-2024-26974)
kernel: xen-netfront: Add missing skb_mark_for_recycle (CVE-2024-27393)
kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667)
kernel: smb: client: fix UAF in smb2_reconnect_server() (CVE-2024-35870)
kernel: net/mlx5: Properly link new fs rules into the tree (CVE-2024-35960)
kernel: net: hns3: do not allow call hns3_nic_net_open repeatedly (CVE-2021-47400)
Bug Fix(es):
cifs - kernel panic with cifs_put_smb_ses (JIRA:Rocky Linux-28943)
BUG: unable to handle page fault for address: ff16bf752f593ff8 [rhel-9.4.z] (JIRA:Rocky Linux-35672)
[HPE 9.4 Bug] Request merge of AMD address translation library patch series [rhel-9.4.z] (JIRA:Rocky Linux-36220)
[Rocky Linux9] kernel BUG at lib/list_debug.c:51! [rhel-9.4.z] (JIRA:Rocky Linux-36687)
ice: DPLL-related fixes [rhel-9.4.z] (JIRA:Rocky Linux-36716)
CNB95: net/sched: update TC core to upstream v6.8 [rhel-9.4.z] (JIRA:Rocky Linux-37641)
IPv6: SR: backport fixes from upstream [rhel-9.4.z] (JIRA:Rocky Linux-37669)
[RFE] Backport tmpfs noswap mount option [rhel-9.4.z] (JIRA:Rocky Linux-38252)
Isolated cores causing issues on latest Rocky Linux9.4 kernel and not functioning as desired. [rhel-9.4.z] (JIRA:Rocky Linux-38595)
[ice] Add automatic VF reset on Tx MDD events [rhel-9.4.z] (JIRA:Rocky Linux-39083)
[HPEMC Rocky Linux 9.4 REGRESSION] turbostat: turbostat broken on 10+ sockets. [rhel-9.4.z] (JIRA:Rocky Linux-34953)
bnx2x: fix crashes in PCI error handling, resource leaks [rhel-9.4.z] (JIRA:Rocky Linux-43272)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.
bugzilla.redhat.com/show_bug.cgi?id=2271680
bugzilla.redhat.com/show_bug.cgi?id=2273429
bugzilla.redhat.com/show_bug.cgi?id=2278354
bugzilla.redhat.com/show_bug.cgi?id=2280745
bugzilla.redhat.com/show_bug.cgi?id=2281350
bugzilla.redhat.com/show_bug.cgi?id=2281740
bugzilla.redhat.com/show_bug.cgi?id=2281920
bugzilla.redhat.com/show_bug.cgi?id=2282336
errata.rockylinux.org/RLSA-2024:4349