Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVE-2024-50261 macsec: Fix use-after-free while sending the offloading packet

In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...

CVE-2024-50223

CVE-2024-50223: In Linux kernel sched/numa, a potential null pointer dereference in task_numa_work() could occur when a stress scenario unmapped a child address space, causing vma_next() to return NULL. The backtrace shows dereferencing a NULL vma in vma_migratable, leading to a crash. Root cause...

bpf: Fix use-after-free in bpf_uprobe_multi_link_attach()

...

SUSE CVE-2024-50162

In the Linux kernel, the following vulnerability has been resolved: bpf: devmap: provide rxq after redirect rxq contains a pointer to the device from where the redirect happened. Currently, the BPF program that was executed after a redirect via BPFMAPTYPEDEVMAP does not have it set. This is...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2024-2815)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : vsock/virtio: free queued packets when closing socketCVE-2021-47024 KVM: PPC: Fix kvmarchvcpuioctl vcpuload leakCVE-2021-47296 kernel:RDMA/cma:...

CVE-2024-50150 usb: typec: altmode should keep reference to parent

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registering the altmode, get a reference to the parent and put it in the...

CVE-2024-50124 Bluetooth: ISO: Fix UAF on iso_sock_timeout

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on isosocktimeout conn-sk maybe have been unlinked/freed while waiting for isoconnlock so this checks if the conn-sk is still valid by checking if it part of isosklist...

LSN-0107-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...

LSN-0107-1 Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...

AlmaLinux 9 : kernel (ALSA-2024:8617)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8617 advisory. hw: cpu: intel: Native Branch History Injection BHI CVE-2024-2201 kernel: tcp: add sanity checks to rx zerocopy CVE-2024-26640 kernel: mptcp: fix data...

SUSE SLES15 Security Update : kernel (Live Patch 45 for SLE 15 SP3) (SUSE-SU-2024:3774-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3774-1 advisory. This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: - CVE-2021-47598: schcake: ...

CVE-2024-50080 ublk: don't allow user copy for unprivileged device

In the Linux kernel, the following vulnerability has been resolved: ublk: don't allow user copy for unprivileged device UBLKFUSERCOPY requires userspace to call write on ublk char device for filling request buffer, and unprivileged device can't be trusted. So don't allow user copy for unprivilege...

CVE-2024-50002

In the Linux kernel, the following vulnerability has been resolved: staticcall: Handle module init failure correctly in staticcalldelmodule Module insertion invokes staticcalladdmodule to initialize the static calls in a module. staticcalladdmodule invokes staticcallinit, which allocates a struct...

CVE-2022-49013 sctp: fix memory leak in sctp_stream_outq_migrate()

In the Linux kernel, the following vulnerability has been resolved: sctp: fix memory leak in sctpstreamoutqmigrate When sctpstreamoutqmigrate is called to release stream out resources, the memory pointed to by priohead in stream out is not released. The memory leak information is as follows:...

AZL-51420 CVE-2024-49901 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Assign msmgpu-pdev earlier to avoid nullptrs There are some cases, such as the one uncovered by Commit 46d4efcccc68 "drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails" where msmgpucleanup :...

SUSE CVE-2024-47727

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handlemmio function checks if the VE exception occurred in the kernel and rejects the operation if it did not. However, userspace can...

AZL-50858 CVE-2024-49861 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map like in case of .rodata, it was still possible to write into it from a BPF program side through specific helpers having...

DEBIAN-CVE-2024-47740

In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODEWRITE for atomic write ioctls The F2FS ioctls for starting and committing atomic writes check for inodeownerorcapable, but this does not give LSMs like SELinux or Landlock an opportunity to deny the write acces...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference issue in the nilfspalloccommitfreeentry function in the nilfs2 file system...