Lucene search

Rockylinux Product ErrataRXSA-2024:4349

HistoryJul 15, 2024 - 12:20 p.m.

kernel security and bug fix update

2024-07-1512:20:29

Rockylinux Product Errata

errata.rockylinux.org

kernel

security

update

rocky linux

bug fix

cve

vulnerability

scoring system

bluetooth

crypto

xen-netfront

smb

hns3

cifs

ipv6

ice

bnx2x

jira

linux operating system

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

9.2

Confidence

High

JSON

An update is available for kernel.
This update affects Rocky Linux SIG Cloud 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (CVE-2023-52626)
kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset (CVE-2024-26801)
kernel: crypto: qat - resolve race condition during AER recovery (CVE-2024-26974)
kernel: xen-netfront: Add missing skb_mark_for_recycle (CVE-2024-27393)
kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667)
kernel: smb: client: fix UAF in smb2_reconnect_server() (CVE-2024-35870)
kernel: net/mlx5: Properly link new fs rules into the tree (CVE-2024-35960)
kernel: net: hns3: do not allow call hns3_nic_net_open repeatedly (CVE-2021-47400)

Bug Fix(es):

cifs - kernel panic with cifs_put_smb_ses (JIRA:Rocky Linux SIG Cloud-28943)
BUG: unable to handle page fault for address: ff16bf752f593ff8 [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-35672)
[HPE 9.4 Bug] Request merge of AMD address translation library patch series [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-36220)
[Rocky Linux SIG Cloud9] kernel BUG at lib/list_debug.c:51! [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-36687)
ice: DPLL-related fixes [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-36716)
CNB95: net/sched: update TC core to upstream v6.8 [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-37641)
IPv6: SR: backport fixes from upstream [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-37669)
[RFE] Backport tmpfs noswap mount option [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-38252)
Isolated cores causing issues on latest Rocky Linux SIG Cloud9.4 kernel and not functioning as desired. [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-38595)
[ice] Add automatic VF reset on Tx MDD events [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-39083)
[HPEMC Rocky Linux SIG Cloud 9.4 REGRESSION] turbostat: turbostat broken on 10+ sockets. [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-34953)
bnx2x: fix crashes in PCI error handling, resource leaks [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-43272)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
rocky9aarch64bpftool< 7.3.0-427.24.1.el9_4.cloud.3.0bpftool-0:7.3.0-427.24.1.el9_4.cloud.3.0.aarch64.rpm
rocky9x86_64bpftool< 7.3.0-427.24.1.el9_4.cloud.3.0bpftool-0:7.3.0-427.24.1.el9_4.cloud.3.0.x86_64.rpm
rocky9aarch64bpftool-debuginfo< 7.3.0-427.24.1.el9_4.cloud.3.0bpftool-debuginfo-0:7.3.0-427.24.1.el9_4.cloud.3.0.aarch64.rpm
rocky9x86_64bpftool-debuginfo< 7.3.0-427.24.1.el9_4.cloud.3.0bpftool-debuginfo-0:7.3.0-427.24.1.el9_4.cloud.3.0.x86_64.rpm
rocky9aarch64kernel< 5.14.0-427.24.1.el9_4.cloud.3.0kernel-0:5.14.0-427.24.1.el9_4.cloud.3.0.aarch64.rpm
rocky9x86_64kernel< 5.14.0-427.24.1.el9_4.cloud.3.0kernel-0:5.14.0-427.24.1.el9_4.cloud.3.0.x86_64.rpm
rocky9aarch64kernel-64k< 5.14.0-427.24.1.el9_4.cloud.3.0kernel-64k-0:5.14.0-427.24.1.el9_4.cloud.3.0.aarch64.rpm
rocky9aarch64kernel-64k-core< 5.14.0-427.24.1.el9_4.cloud.3.0kernel-64k-core-0:5.14.0-427.24.1.el9_4.cloud.3.0.aarch64.rpm
rocky9aarch64kernel-64k-debug< 5.14.0-427.24.1.el9_4.cloud.3.0kernel-64k-debug-0:5.14.0-427.24.1.el9_4.cloud.3.0.aarch64.rpm
rocky9aarch64kernel-64k-debug-core< 5.14.0-427.24.1.el9_4.cloud.3.0kernel-64k-debug-core-0:5.14.0-427.24.1.el9_4.cloud.3.0.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
rocky	9	aarch64	bpftool	< 7.3.0-427.24.1.el9_4.cloud.3.0	bpftool-0:7.3.0-427.24.1.el9_4.cloud.3.0.aarch64.rpm
rocky	9	x86_64	bpftool	< 7.3.0-427.24.1.el9_4.cloud.3.0	bpftool-0:7.3.0-427.24.1.el9_4.cloud.3.0.x86_64.rpm
rocky	9	aarch64	bpftool-debuginfo	< 7.3.0-427.24.1.el9_4.cloud.3.0	bpftool-debuginfo-0:7.3.0-427.24.1.el9_4.cloud.3.0.aarch64.rpm
rocky	9	x86_64	bpftool-debuginfo	< 7.3.0-427.24.1.el9_4.cloud.3.0	bpftool-debuginfo-0:7.3.0-427.24.1.el9_4.cloud.3.0.x86_64.rpm
rocky	9	aarch64	kernel	< 5.14.0-427.24.1.el9_4.cloud.3.0	kernel-0:5.14.0-427.24.1.el9_4.cloud.3.0.aarch64.rpm
rocky	9	x86_64	kernel	< 5.14.0-427.24.1.el9_4.cloud.3.0	kernel-0:5.14.0-427.24.1.el9_4.cloud.3.0.x86_64.rpm
rocky	9	aarch64	kernel-64k	< 5.14.0-427.24.1.el9_4.cloud.3.0	kernel-64k-0:5.14.0-427.24.1.el9_4.cloud.3.0.aarch64.rpm
rocky	9	aarch64	kernel-64k-core	< 5.14.0-427.24.1.el9_4.cloud.3.0	kernel-64k-core-0:5.14.0-427.24.1.el9_4.cloud.3.0.aarch64.rpm
rocky	9	aarch64	kernel-64k-debug	< 5.14.0-427.24.1.el9_4.cloud.3.0	kernel-64k-debug-0:5.14.0-427.24.1.el9_4.cloud.3.0.aarch64.rpm
rocky	9	aarch64	kernel-64k-debug-core	< 5.14.0-427.24.1.el9_4.cloud.3.0	kernel-64k-debug-core-0:5.14.0-427.24.1.el9_4.cloud.3.0.aarch64.rpm