Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2024-068 (ALASKERNEL-5.4-2024-068)

The version of kernel installed on the remote host is prior to 5.4.271-184.369. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-068 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/alternatives: Disable KASAN in...

CVE-2024-26736

In the Linux kernel, the following vulnerability has been resolved: afs: Increase buffer size in afsupdatevolumestatus The max length of volume-vid value is 20 characters. So increase idbuf size up to 24 to avoid overflow. Found by Linux Verification Center linuxtesting.org with SVACE. DH:...

CVE-2024-26736

CVE-2024-26736 (Linux kernel afs): A local vulnerability in afs_update_volume_status() where volume->vid is limited to 20 characters, risking a buffer overflow. The fix increases idbuf size from 20 to 24 and uses snprintf to prevent overflow. Affected: Linux kernel (afs subsystem). Reported by...

CVE-2024-26736 afs: Increase buffer size in afs_update_volume_status()

In the Linux kernel, the following vulnerability has been resolved: afs: Increase buffer size in afsupdatevolumestatus The max length of volume-vid value is 20 characters. So increase idbuf size up to 24 to avoid overflow. Found by Linux Verification Center linuxtesting.org with SVACE. DH:...