Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:RLSA-2024:4349
HistoryJul 15, 2024 - 12:18 p.m.

Moderate: kernel security and bug fix update

2024-07-1512:18:37
Google
osv.dev
14
linux kernel
security
bug fix
net/mlx5e
bluetooth
crypto
qat
xen-netfront
smb
net/mlx5
hns3
cifs
ice
ipv6
tmpfs
vf reset
turbostat
bnx2x
rocky linux
jira
cvss score

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

9.2

Confidence

High

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (CVE-2023-52626)

  • kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset (CVE-2024-26801)

  • kernel: crypto: qat - resolve race condition during AER recovery (CVE-2024-26974)

  • kernel: xen-netfront: Add missing skb_mark_for_recycle (CVE-2024-27393)

  • kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667)

  • kernel: smb: client: fix UAF in smb2_reconnect_server() (CVE-2024-35870)

  • kernel: net/mlx5: Properly link new fs rules into the tree (CVE-2024-35960)

  • kernel: net: hns3: do not allow call hns3_nic_net_open repeatedly (CVE-2021-47400)

Bug Fix(es):

  • cifs - kernel panic with cifs_put_smb_ses (JIRA:Rocky Linux-28943)

  • BUG: unable to handle page fault for address: ff16bf752f593ff8 [rhel-9.4.z] (JIRA:Rocky Linux-35672)

  • [HPE 9.4 Bug] Request merge of AMD address translation library patch series [rhel-9.4.z] (JIRA:Rocky Linux-36220)

  • [Rocky Linux9] kernel BUG at lib/list_debug.c:51! [rhel-9.4.z] (JIRA:Rocky Linux-36687)

  • ice: DPLL-related fixes [rhel-9.4.z] (JIRA:Rocky Linux-36716)

  • CNB95: net/sched: update TC core to upstream v6.8 [rhel-9.4.z] (JIRA:Rocky Linux-37641)

  • IPv6: SR: backport fixes from upstream [rhel-9.4.z] (JIRA:Rocky Linux-37669)

  • [RFE] Backport tmpfs noswap mount option [rhel-9.4.z] (JIRA:Rocky Linux-38252)

  • Isolated cores causing issues on latest Rocky Linux9.4 kernel and not functioning as desired. [rhel-9.4.z] (JIRA:Rocky Linux-38595)

  • [ice] Add automatic VF reset on Tx MDD events [rhel-9.4.z] (JIRA:Rocky Linux-39083)

  • [HPEMC Rocky Linux 9.4 REGRESSION] turbostat: turbostat broken on 10+ sockets. [rhel-9.4.z] (JIRA:Rocky Linux-34953)

  • bnx2x: fix crashes in PCI error handling, resource leaks [rhel-9.4.z] (JIRA:Rocky Linux-43272)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.

Related

oraclelinux 3
rocky 5
nessus 44
osv 28
redhat 20
redhatcve 8
ubuntucve 8
debiancve 8
vulnrichment 6
nvd 8
cvelist 8
cve 8
cbl_mariner 2
xen 1
almalinux 2
photon 1
ibm 4
ubuntu 17
openvas 17
redos 1
oraclelinux
oraclelinux
kernel security and bug fix update
2024-07-08 00:00:00
kernel security and bug fix update
2024-07-02 00:00:00
Unbreakable Enterprise kernel security update
2024-09-02 00:00:00
rocky
rocky
kernel security and bug fix update
2024-07-15 12:20:29
kernel security and bug fix update
2024-07-15 12:18:37
kernel-rt security and bug fix update
2024-07-15 12:17:54
nessus
nessus
Rocky Linux 9 : kernel (RLSA-2024:4349)
2024-07-15 00:00:00
Oracle Linux 9 : kernel (ELSA-2024-4349)
2024-07-09 00:00:00
RHEL 9 : kernel (RHSA-2024:4349)
2024-07-08 00:00:00
osv
osv
Moderate: kernel security and bug fix update
2024-07-15 12:20:29
CVE-2021-47400
2024-05-21 15:15:00
CVE-2024-27393
2024-05-14 15:12:00
redhat
redhat
(RHSA-2024:4349) Moderate: kernel security and bug fix update
2024-07-08 01:54:18
(RHSA-2024:4108) Important: kernel security and bug fix update
2024-06-26 00:05:24
(RHSA-2024:4106) Important: kernel-rt security update
2024-06-26 00:04:06
redhatcve
redhatcve
CVE-2021-47400
2024-05-22 08:57:12
CVE-2024-27393
2024-05-16 05:24:37
CVE-2024-35870
2024-05-20 13:44:42
ubuntucve
ubuntucve
CVE-2021-47400
2024-05-21 00:00:00
CVE-2024-35870
2024-05-19 00:00:00
CVE-2024-27393
2024-05-14 00:00:00
debiancve
debiancve
CVE-2021-47400
2024-05-21 15:15:25
CVE-2024-27393
2024-05-14 15:12:26
CVE-2023-52626
2024-03-26 18:15:09
vulnrichment
vulnrichment
CVE-2021-47400 net: hns3: do not allow call hns3_nic_net_open repeatedly
2024-05-21 15:03:55
CVE-2024-27393 xen-netfront: Add missing skb_mark_for_recycle
2024-05-09 16:37:07
CVE-2024-35870 smb: client: fix UAF in smb2_reconnect_server()
2024-05-19 08:34:28
nvd
nvd
CVE-2021-47400
2024-05-21 15:15:25
CVE-2024-27393
2024-05-14 15:12:26
CVE-2024-35870
2024-05-19 09:15:08
cvelist
cvelist
CVE-2021-47400 net: hns3: do not allow call hns3_nic_net_open repeatedly
2024-05-21 15:03:55
CVE-2024-27393 xen-netfront: Add missing skb_mark_for_recycle
2024-05-09 16:37:07
CVE-2024-35870 smb: client: fix UAF in smb2_reconnect_server()
2024-05-19 08:34:28
cve
cve
CVE-2021-47400
2024-05-21 15:15:25
CVE-2024-35870
2024-05-19 09:15:08
CVE-2024-27393
2024-05-14 15:12:26
cbl_mariner
cbl_mariner
CVE-2024-27393 affecting package hyperv-daemons for versions less than 6.6.35.1-1
2024-07-23 02:21:02
CVE-2024-26974 affecting package hyperv-daemons for versions less than 6.6.35.1-1
2024-07-23 02:21:02
xen
xen
Linux/xen-netfront: Memory leak due to missing cleanup function
2024-05-07 17:11:00
almalinux
almalinux
Important: kernel security and bug fix update
2024-07-02 00:00:00
Important: kernel-rt security and bug fix update
2024-07-08 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0274
2024-05-18 00:00:00
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-08-22 09:25:46
Security Bulletin: Multiple vulnerabilities in IBM Business Automation Workflow Machine Learning Server are addressed with 24.0.0-IF002
2024-09-05 20:05:41
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
2024-07-31 19:41:25
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-05-16 00:00:00
Linux kernel vulnerabilities
2024-05-16 00:00:00
Linux kernel vulnerabilities
2024-05-16 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6774-1)
2024-05-17 00:00:00
Ubuntu: Security Advisory (USN-6778-1)
2024-05-17 00:00:00
Ubuntu: Security Advisory (USN-6777-4)
2024-05-24 00:00:00
redos
redos
ROS-20240821-02
2024-08-21 00:00:00

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

9.2

Confidence

High

JSON
Related for OSV:RLSA-2024:4349
oraclelinux3rocky5nessus44osv28redhat20redhatcve8ubuntucve8debiancve8vulnrichment6nvd8cvelist8cve8cbl_mariner2xen1almalinux2photon1ibm4ubuntu17openvas17redos1