CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
AI Score
Confidence
High
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel:TCP-spoofed ghost ACKs and leak leak initial sequence number (CVE-2023-52881,RHV-2024-1001)
kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry (CVE-2021-47069)
kernel: drm: Don’t unref the same fb many times by mistake due to deadlock handling (CVE-2023-52486)
kernel: pstore/ram: Fix crash when setting number of cpus to an odd number (CVE-2023-52619)
kernel: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (CVE-2024-26720)
kernel: vfio/pci: Lock external INTx masking ops (CVE-2024-26810)
kernel: igc: avoid returning frame twice in XDP_REDIRECT (CVE-2024-26853)
kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852)
kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993)
kernel: crypto: qat - resolve race condition during AER recovery (CVE-2024-26974)
kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application (CVE-2024-21823)
kernel: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (CVE-2024-35789)
kernel: wifi: iwlwifi: dbg-tlv: ensure NUL termination (CVE-2024-35845)
kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)
kernel: net: fix out-of-bounds access in ops_init (CVE-2024-36883)
kernel: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (CVE-2024-36017)
kernel: wifi: nl80211: don't free NULL coalescing rule (CVE-2024-36941)
kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (CVE-2024-36904)
kernel: net: bridge: mst: fix vlan use-after-free (CVE-2024-36979)
kernel: drm/amdgpu: Fix possible null pointer dereference (CVE-2023-52883)
kernel: phylib: fix potential use-after-free (CVE-2022-48754)
kernel: net: amd-xgbe: Fix skb data length underflow (CVE-2022-48743)
kernel: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (CVE-2024-38596)
kernel: net: fix information leakage in /proc/net/ptype (CVE-2022-48757)
kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)
kernel: gfs2: Fix potential glock use-after-free on unmount (CVE-2024-38570)
kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540)
kernel: ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound (CVE-2024-33621)
kernel: tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). (CVE-2024-37356)
kernel: tls: fix missing memory barrier in tls_init (CVE-2024-36489)
kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502)
kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)
kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)
kernel: NFSv4: Fix memory leak in nfs4_set_security_label (CVE-2024-41076)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Vendor | Product | Version | CPE |
---|---|---|---|
redhat | kernel-rt | * | cpe:2.3:o:redhat:kernel-rt:*:*:*:*:*:*:*:* |
redhat | kernel | * | cpe:2.3:a:redhat:kernel:*:*:*:*:*:*:*:* |
redhat | enterprise_linux | nfv | cpe:2.3:o:redhat:enterprise_linux:nfv:*:*:*:*:*:*:* |
redhat | enterprise_linux | 8 | cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:* |
redhat | enterprise_linux | 9 | cpe:2.3:o:redhat:enterprise_linux:9:*:*:*:*:*:*:* |