Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 9 : kernel (RHSA-2024:5257)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5257 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: netfilter: nftables: disallow...

ionic: fix kernel panic due to multi-buffer handling

...

Oracle Linux 8 : kernel (ELSA-2024-5101)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5101 advisory. - ionic: fix use after netifnapidel CKI Backport Bot RHEL-47624 CVE-2024-39502 - ionic: clean interrupt before enabling queue to avoid credit race CKI...

kernel: ionic: fix use after netif_napi_del()

A vulnerability was found in the Linux kernel's Ionic driver in the ionicqcqenable function, where the issue arises when the driver fails to reset the .poll pointer to NULL after a queue is unregistered via netifnapidel, leading to a use-after-free scenario when attempting to enable a previously...

kernel: ionic: fix use after netif_napi_del()

A vulnerability was found in the Linux kernel's Ionic driver in the ionicqcqenable function, where the issue arises when the driver fails to reset the .poll pointer to NULL after a queue is unregistered via netifnapidel, leading to a use-after-free scenario when attempting to enable a previously...

SUSE CVE-2024-42071

In the Linux kernel, the following vulnerability has been resolved: ionic: use devconsumeskbany outside of napi If we're not in a NAPI softirq context, we need to be careful about how we call napiconsumeskb, specifically we need to call it with budget==0 to signal to it that we're not in a safe...

SUSE CVE-2024-42083

In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic due to multi-buffer handling Currently, the ionicrunxdp doesn't handle multi-buffer packets properly for XDPTX and XDPREDIRECT. When a jumbo frame is received, the ionicrunxdp first makes xdp frame with al...

CVE-2024-42083

A kernel panic flaw was found in the linux kernel. ionicrunxdp doesn't handle multi-buffer packets properly for XDPTX and XDPREDIRECT. When a jumbo frame is received, the ionicrunxdp first makes xdp frame with all necessary pages in the rx descriptor. If the action is either XDPTX or XDPREDIRECT,...

CVE-2024-42071

In the Linux kernel, the following vulnerability has been resolved: ionic: use devconsumeskbany outside of napi If we're not in a NAPI softirq context, we need to be careful about how we call napiconsumeskb, specifically we need to call it with budget==0 to signal to it that we're not in a safe...

CVE-2024-42083

In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic due to multi-buffer handling Currently, the ionicrunxdp doesn't handle multi-buffer packets properly for XDPTX and XDPREDIRECT. When a jumbo frame is received, the ionicrunxdp first makes xdp frame with al...

AZL-47053 CVE-2024-42083 affecting package kernel for versions less than 5.15.162.2-1

In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic due to multi-buffer handling Currently, the ionicrunxdp doesn't handle multi-buffer packets properly for XDPTX and XDPREDIRECT. When a jumbo frame is received, the ionicrunxdp first makes xdp frame with al...

AZL-47207 CVE-2024-42083 affecting package kernel for versions less than 6.6.43.1-7

In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic due to multi-buffer handling Currently, the ionicrunxdp doesn't handle multi-buffer packets properly for XDPTX and XDPREDIRECT. When a jumbo frame is received, the ionicrunxdp first makes xdp frame with al...

DEBIAN-CVE-2024-42083

In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic due to multi-buffer handling Currently, the ionicrunxdp doesn't handle multi-buffer packets properly for XDPTX and XDPREDIRECT. When a jumbo frame is received, the ionicrunxdp first makes xdp frame with al...

CVE-2024-42071

In the Linux kernel, the following vulnerability has been resolved: ionic: use devconsumeskbany outside of napi If we're not in a NAPI softirq context, we need to be careful about how we call napiconsumeskb, specifically we need to call it with budget==0 to signal to it that we're not in a safe...

AZL-47192 CVE-2024-42071 affecting package kernel for versions less than 6.6.43.1-7

In the Linux kernel, the following vulnerability has been resolved: ionic: use devconsumeskbany outside of napi If we're not in a NAPI softirq context, we need to be careful about how we call napiconsumeskb, specifically we need to call it with budget==0 to signal to it that we're not in a safe...

AZL-47109 CVE-2024-42071 affecting package kernel for versions less than 5.15.162.2-1

In the Linux kernel, the following vulnerability has been resolved: ionic: use devconsumeskbany outside of napi If we're not in a NAPI softirq context, we need to be careful about how we call napiconsumeskb, specifically we need to call it with budget==0 to signal to it that we're not in a safe...

DEBIAN-CVE-2024-42071

In the Linux kernel, the following vulnerability has been resolved: ionic: use devconsumeskbany outside of napi If we're not in a NAPI softirq context, we need to be careful about how we call napiconsumeskb, specifically we need to call it with budget==0 to signal to it that we're not in a safe...

UBUNTU-CVE-2024-42071

In the Linux kernel, the following vulnerability has been resolved: ionic: use devconsumeskbany outside of napi If we're not in a NAPI softirq context, we need to be careful about how we call napiconsumeskb, specifically we need to call it with budget==0 to signal to it that we're not in a safe...

UBUNTU-CVE-2024-42083

In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic due to multi-buffer handling Currently, the ionicrunxdp doesn't handle multi-buffer packets properly for XDPTX and XDPREDIRECT. When a jumbo frame is received, the ionicrunxdp first makes xdp frame with al...