Lucene search

K
redhatRedHatRHSA-2024:1188
HistoryMar 06, 2024 - 12:21 p.m.

(RHSA-2024:1188) Moderate: kernel security, bug fix, and enhancement update

2024-03-0612:21:12
access.redhat.com
14
linux kernel
security fix
memory leak
out-of-bounds write
use-after-free
denial of service
race condition
remote code execution
bug fix
enhancement.

8.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.2%

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait() in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c (CVE-2021-43975)

  • kernel: memory leak in drivers/hid/hid-elo.c (CVE-2022-27950)

  • kernel: use-after-free in tc_new_tfilter() in net/sched/cls_api.c (CVE-2022-1055)

  • kernel: use-after-free when psi trigger is destroyed while being polled (CVE-2022-2938)

  • kernel: u8 overflow problem in cfg80211_update_notlisted_nontrans() (CVE-2022-41674)

  • kernel: use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)

  • kernel: BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (CVE-2022-42721)

  • kernel: Denial of service in beacon protection for P2P-device (CVE-2022-42722)

  • kernel: KVM: x86/mmu: race condition in direct_page_fault() (CVE-2022-45869)

  • kernel: x86/mm: Randomize per-cpu entry area (CVE-2023-0597)

  • kernel: Out-Of-Bounds Read vulnerability in smbCalcSize (CVE-2023-6606)

  • kernel: refcount leak in ctnetlink_create_conntrack() (CVE-2023-7192)

  • kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client (CVE-2024-0565)

  • kernel: use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (CVE-2023-51043)

Bug Fix(es):

  • kernel: u8 overflow problem in cfg80211_update_notlisted_nontrans() (JIRA:RHEL-18732)

  • kernel: use-after-free in bss_ref_get in net/wireless/scan.c (JIRA:RHEL-18733)

  • kernel: BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (JIRA:RHEL-18734)

  • kernel: Denial of service in beacon protection for P2P-device (JIRA:RHEL-18735)

  • kernel: x86/mm: Randomize per-cpu entry area (JIRA:RHEL-18817)

  • kernel: KVM: x86/mmu: race condition in direct_page_fault() (JIRA:RHEL-18829)

  • kernel: refcount leak in ctnetlink_create_conntrack() (JIRA:RHEL-20297)

  • kernel: use-after-free in tc_new_tfilter() in net/sched/cls_api.c (JIRA:RHEL-20363)

  • kernel: Out-Of-Bounds Read vulnerability in smbCalcSize (JIRA:RHEL-21660)

  • kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client (JIRA:RHEL-22075)

  • kernel: use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (JIRA:RHEL-23475)

  • kernel: memory leak in drivers/hid/hid-elo.c (JIRA:RHEL-18557)

  • kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait() in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c (JIRA:RHEL-18798)

  • kernel: use-after-free when psi trigger is destroyed while being polled (JIRA:RHEL-21919)

  • [RHVH] Migration hangs between RHVH release bellow 4.5.1 and RHVH over or equal 4.5.2 release (JIRA:RHEL-23061)

  • backport smartpqi: fix disable_managed_interrupts (JIRA:RHEL-26137)

Enhancement(s):

  • [MCHP 8.7 FEAT] Update smartpqi driver to latest upstream Second Set of Patches (JIRA:RHEL-21592)

  • [IBM 8.10 FEAT] Upgrade the qeth driver to latest from upstream, e.g. kernel 6.4 (JIRA:RHEL-25809)