Lucene search

HistoryFeb 21, 2024 - 12:10 a.m.

(RHSA-2024:0930) Important: kernel security update

linux kernel
security update
privilege escalation
oob write
spectre v2
cvss score
cve page

6.3 Medium

AI Score



0.001 Low




The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546)

  • kernel: malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655)

  • kernel: KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks (CVE-2022-2196)

  • kernel: media: em28xx: initialize refcount before kref_get (CVE-2022-3239)

  • kernel: use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625)

  • kernel: net/packet: slab-out-of-bounds access in packet_recvmsg() (CVE-2022-20368)

  • hw: cpu: arm64: Spectre-BHB (CVE-2022-23960)

  • kernel: use-after-free due to improper update of reference count in net/sched/cls_u32.c (CVE-2022-29581)

  • kernel: vmwgfx: integer overflow in vmwgfx_execbuf.c (CVE-2022-36402)

  • kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096)

  • kernel: vmwgfx: use-after-free in vmw_cmd_res_check (CVE-2022-38457)

  • kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context (CVE-2022-40133)

  • kernel: sctp: fail if no bound addresses can be used for a given scope (CVE-2023-1074)

  • kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event’s read_size (CVE-2023-6931)

  • kernel: KVM: nVMX: missing consistency checks for CR0 and CR4 (CVE-2023-30456)

  • kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible (CVE-2023-31084)

  • kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (CVE-2023-51042)

  • kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function (CVE-2024-1086)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.