CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
43.7%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel:TCP-spoofed ghost ACKs and leak leak initial sequence number (CVE-2023-52881,RHV-2024-1001)
kernel: uio: Fix use-after-free in uio_open (CVE-2023-52439)
kernel: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump (CVE-2023-52448)
kernel: bnxt: prevent skb UAF after handing over to PTP worker (CVE-2022-48637)
kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application (CVE-2024-21823)
kernel: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work (CVE-2024-35852)
kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)
kernel: net: qcom/emac: fix UAF in emac_remove (CVE-2021-47311)
kernel: proc/vmcore: fix clearing user buffer by properly using clear_user() (CVE-2021-47566)
kernel: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (CVE-2024-36017)
kernel: net: CVE-2024-36971 kernel: UAF in network route management (CVE-2024-36971)
kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502)
kernel: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (CVE-2023-52885)
kernel: NFSD: Fix the behavior of READ near OFFSET_MAX (CVE-2022-48827)
kernel: NFSD: Fix ia_size underflow (CVE-2022-48828)
kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes (CVE-2022-48829)
kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)
kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.