CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: Use after free bug in btsdio_remove due to race condition (CVE-2023-1989)
kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability (CVE-2023-4155)
kernel: kvm: Avoid potential UAF in LPI translation cache (CVE-2024-26598)
kernel: wifi: mac80211: fix potential key use-after-free (CVE-2023-52530)
kernel: drm/amdgpu: use-after-free vulnerability (CVE-2024-26656)
kernel: KVM: s390: vsie: fix race during shadow creation (CVE-2023-52639)
kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref (CVE-2024-26735)
kernel: net: ip_tunnel: prevent perpetual headroom growth (CVE-2024-26804)
kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset (CVE-2024-26801)
kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397)
kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667)
kernel: wifi: cfg80211: check A-MSDU format more carefully (CVE-2024-35937)
kernel: net/mlx5: Properly link new fs rules into the tree (CVE-2024-35960)
kernel: net: ena: Fix incorrect descriptor free behavior (CVE-2024-35958)
kernel: net: qcom/emac: fix UAF in emac_remove (CVE-2021-47311)
kernel: net: ti: fix UAF in tlan_remove_one (CVE-2021-47310)
kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (CVE-2021-47548)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.