CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
16.4%
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: uio: Fix use-after-free in uio_open (CVE-2023-52439)
kernel: smb: client: fix potential OOBs in smb2_parse_contexts() (CVE-2023-52434)
kernel: net: fix possible store tearing in neigh_periodic_work() (CVE-2023-52522)
kernel: tunnels: fix out of bounds access when building IPv6 PMTU error (CVE-2024-26665)
kernel: hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (CVE-2024-26698)
kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (CVE-2024-26772)
kernel: mptcp: fix data re-injection from stale subflow (CVE-2024-26826)
kernel: x86/xen: Add some null pointer checking to smp.c (CVE-2024-26908)
kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (CVE-2024-26851)
kernel: af_unix: Fix garbage collector racing against connect() (CVE-2024-26923)
kernel: cgroup: cgroup_get_from_id() must check the looked-up kn is a directory (CVE-2022-48638)
kernel: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (CVE-2024-27020)
kernel: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (CVE-2024-27019)
kernel: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (CVE-2024-27399)
kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)
kernel: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr (CVE-2024-35969)
kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)
kernel: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47384)
kernel: mISDN: fix possible use-after-free in HFC_cleanup() (CVE-2021-47356)
kernel: virtio-net: Add validation for used length (CVE-2021-47352)
kernel: platform/x86: wmi: Fix opening of char device (CVE-2023-52864)
kernel: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool (CVE-2023-52811)
kernel: bonding: stop the device in bond_setup_by_slave() (CVE-2023-52784)
kernel: isdn: mISDN: Fix sleeping function called from invalid context (CVE-2021-47468)
kernel: proc/vmcore: fix clearing user buffer by properly using clear_user() (CVE-2021-47566)
kernel: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (CVE-2024-36016)
kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs (CVE-2024-36929)
kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (CVE-2024-36978)
kernel: cpufreq: exit() callback is optional (CVE-2024-38615)
kernel: md: fix resync softlockup when bitmap size is less than array size (CVE-2024-38598)
kernel: cppc_cpufreq: Fix possible null pointer dereference (CVE-2024-38573)
kernel: netfilter: tproxy: bail out if IP has been disabled on the device (CVE-2024-36270)
kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (CVE-2024-40995)
kernel: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (CVE-2024-41041)
kernel: ppp: reject claimed-as-LCP but actually malformed packets (CVE-2024-41044)
kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)
kernel: drm/amdgpu: avoid using null object of framebuffer (CVE-2024-41093)
kernel: tcp_metrics: validate source addr length (CVE-2024-42154)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.