CLSA-2024-1711026811 kernel: Fix of 7 CVEs

netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one CVE-2023-39197 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier CVE-2023-52449 - media: pvrusb2: fix use after free on context disconnection CVE-2023-52445 - net: prevent mss overflow in skbsegment...

Medium: kernel

Issue Overview: dmtablecreate in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to in alloctargets allocate more than INTMAX bytes, and crash, because of a missing check for struct dmioctl.targetcount. CVE-2023-52429 In the Linux kernel, the following vulnerability has been...

Important: kernel

Issue Overview: dmtablecreate in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to in alloctargets allocate more than INTMAX bytes, and crash, because of a missing check for struct dmioctl.targetcount. CVE-2023-52429 A flaw was found in the smb client in the Linux kernel. A...

OESA-2024-1241 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the...