ALSA-2024:5928
- Source
- https://errata.almalinux.org/9/ALSA-2024-5928.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:5928.json
- JSON Data
- https://api.osv.dev/v1/vulns/ALSA-2024:5928
- Related
- Published
- 2024-08-28T00:00:00Z
- Modified
- 2024-11-03T22:29:00Z
- Summary
- Important: kernel security update
- Details
-
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: nftables: nftsetrbtree skip end interval element from gc (CVE-2024-26581)
- kernel: netfilter: nft_limit: reject configurations that cause integer overflow (CVE-2024-26668)
- kernel: vfio/pci: Lock external INTx masking ops (CVE-2024-26810)
- kernel: net: ice: Fix potential NULL pointer dereference in icebridgesetlink() (CVE-2024-26855)
- kernel: x86/xen: Add some null pointer checking to smp.c (CVE-2024-26908)
- kernel: netfilter: nftables: release mutex after nftgcseqend from abort path (CVE-2024-26925)
- kernel: netfilter: nftables: Fix potential data-race in _nftexprtype_get() (CVE-2024-27020)
- kernel: netfilter: nftables: Fix potential data-race in _nftobjtype_get() (CVE-2024-27019)
- kernel: netfilter: flowtable: validate pppoe header (CVE-2024-27016)
- kernel: netfilter: bridge: confirm multicast packets before passing them up the stack (CVE-2024-27415)
- kernel: netfilter: bridge: replace physindev with physinif in nfbridgeinfo (CVE-2024-35839)
- kernel: netfilter: nftables: Fix potential data-race in _nftflowtabletype_get() (CVE-2024-35898)
- kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion (CVE-2024-35897)
- kernel: netfilter: validate user input for expected length (CVE-2024-35896)
- kernel: netfilter: complete validation of user input (CVE-2024-35962)
- kernel: ice: fix LAG and VF lock dependency in iceresetvf() (CVE-2024-36003)
- kernel: cxl/port: Fix delete_endpoint() vs parent unregistration race (CVE-2023-52771)
- kernel: tty: ngsm: require CAPNETADMIN to attach NGSM0710 ldisc (CVE-2023-52880)
- kernel: scsi: qla2xxx: Fix off by one in qlaedifapp_getstats() (CVE-2024-36025)
- kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)
- kernel: crypto: bcm - Fix pointer arithmetic (CVE-2024-38579)
- kernel: RDMA/rxe: Fix seg fault in rxecompqueue_pkt (CVE-2024-38544)
- kernel: bnxtre: avoid shift undefined behavior in bnxtqpliballocinit_hwq (CVE-2024-38540)
- kernel: net: bridge: xmit: make sure we have at least eth header len bytes (CVE-2024-38538)
- kernel: md/raid5: fix deadlock that raid5d() wait for itself to clear MDSBCHANGE_PENDING (CVE-2024-39476)
- kernel: ipv6: fix possible race in _fib6droppcpufrom() (CVE-2024-40905)
- kernel: wifi: cfg80211: Lock wiphy in cfg80211getstation (CVE-2024-40911)
- kernel: wifi: mac80211: Fix deadlock in ieee80211stapsdeliverwakeup() (CVE-2024-40912)
- kernel: mm/hugememory: don't unpoison hugezero_folio (CVE-2024-40914)
- kernel: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (CVE-2024-40929)
- kernel: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail (CVE-2024-40939)
- kernel: wifi: iwlwifi: mvm: don't read past the mfuart notifcation (CVE-2024-40941)
- kernel: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors (CVE-2024-40957)
- kernel: scsi: qedi: Fix crash while reading debugfs attribute (CVE-2024-40978)
- kernel: tipc: force a dst refcount before doing decryption (CVE-2024-40983)
- kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)
- kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)
- kernel: udp: Set SOCKRCUFREE earlier in udplibget_port() (CVE-2024-41041)
- kernel: NFSv4: Fix memory leak in nfs4setsecurity_label (CVE-2024-41076)
- kernel: net: ntbnetdev: Move ntbnetdevrxhandler() to call netifrx() from _netif_rx() (CVE-2024-42110)
- kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment (CVE-2024-42152)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- References
-
- https://access.redhat.com/errata/RHSA-2024:5928
- https://access.redhat.com/security/cve/CVE-2023-52771
- https://access.redhat.com/security/cve/CVE-2023-52880
- https://access.redhat.com/security/cve/CVE-2024-26581
- https://access.redhat.com/security/cve/CVE-2024-26668
- https://access.redhat.com/security/cve/CVE-2024-26810
- https://access.redhat.com/security/cve/CVE-2024-26855
- https://access.redhat.com/security/cve/CVE-2024-26908
- https://access.redhat.com/security/cve/CVE-2024-26925
- https://access.redhat.com/security/cve/CVE-2024-27016
- https://access.redhat.com/security/cve/CVE-2024-27019
- https://access.redhat.com/security/cve/CVE-2024-27020
- https://access.redhat.com/security/cve/CVE-2024-27415
- https://access.redhat.com/security/cve/CVE-2024-35839
- https://access.redhat.com/security/cve/CVE-2024-35896
- https://access.redhat.com/security/cve/CVE-2024-35897
- https://access.redhat.com/security/cve/CVE-2024-35898
- https://access.redhat.com/security/cve/CVE-2024-35962
- https://access.redhat.com/security/cve/CVE-2024-36003
- https://access.redhat.com/security/cve/CVE-2024-36025
- https://access.redhat.com/security/cve/CVE-2024-38538
- https://access.redhat.com/security/cve/CVE-2024-38540
- https://access.redhat.com/security/cve/CVE-2024-38544
- https://access.redhat.com/security/cve/CVE-2024-38579
- https://access.redhat.com/security/cve/CVE-2024-38608
- https://access.redhat.com/security/cve/CVE-2024-39476
- https://access.redhat.com/security/cve/CVE-2024-40905
- https://access.redhat.com/security/cve/CVE-2024-40911
- https://access.redhat.com/security/cve/CVE-2024-40912
- https://access.redhat.com/security/cve/CVE-2024-40914
- https://access.redhat.com/security/cve/CVE-2024-40929
- https://access.redhat.com/security/cve/CVE-2024-40939
- https://access.redhat.com/security/cve/CVE-2024-40941
- https://access.redhat.com/security/cve/CVE-2024-40957
- https://access.redhat.com/security/cve/CVE-2024-40978
- https://access.redhat.com/security/cve/CVE-2024-40983
- https://access.redhat.com/security/cve/CVE-2024-41041
- https://access.redhat.com/security/cve/CVE-2024-41076
- https://access.redhat.com/security/cve/CVE-2024-41090
- https://access.redhat.com/security/cve/CVE-2024-41091
- https://access.redhat.com/security/cve/CVE-2024-42110
- https://access.redhat.com/security/cve/CVE-2024-42152
- https://bugzilla.redhat.com/2265185
- https://bugzilla.redhat.com/2272797
- https://bugzilla.redhat.com/2273654
- https://bugzilla.redhat.com/2275742
- https://bugzilla.redhat.com/2275744
- https://bugzilla.redhat.com/2277166
- https://bugzilla.redhat.com/2278256
- https://bugzilla.redhat.com/2278258
- https://bugzilla.redhat.com/2278264
- https://bugzilla.redhat.com/2281101
- https://bugzilla.redhat.com/2281284
- https://bugzilla.redhat.com/2281669
- https://bugzilla.redhat.com/2281672
- https://bugzilla.redhat.com/2281675
- https://bugzilla.redhat.com/2281916
- https://bugzilla.redhat.com/2281958
- https://bugzilla.redhat.com/2282720
- https://bugzilla.redhat.com/2283468
- https://bugzilla.redhat.com/2284421
- https://bugzilla.redhat.com/2293356
- https://bugzilla.redhat.com/2293414
- https://bugzilla.redhat.com/2293455
- https://bugzilla.redhat.com/2293459
- https://bugzilla.redhat.com/2293461
- https://bugzilla.redhat.com/2295914
- https://bugzilla.redhat.com/2297489
- https://bugzilla.redhat.com/2297495
- https://bugzilla.redhat.com/2297496
- https://bugzilla.redhat.com/2297498
- https://bugzilla.redhat.com/2297513
- https://bugzilla.redhat.com/2297523
- https://bugzilla.redhat.com/2297525
- https://bugzilla.redhat.com/2297541
- https://bugzilla.redhat.com/2297562
- https://bugzilla.redhat.com/2297567
- https://bugzilla.redhat.com/2299240
- https://bugzilla.redhat.com/2299336
- https://bugzilla.redhat.com/2300410
- https://bugzilla.redhat.com/2300453
- https://bugzilla.redhat.com/2301473
- https://bugzilla.redhat.com/2301519
- https://errata.almalinux.org/9/ALSA-2024-5928.html
Affected packages
AlmaLinux:9 / bpftool
Package
- Name
- bpftool
AlmaLinux:9 / kernel
Package
- Name
- kernel
AlmaLinux:9 / kernel-64k
Package
- Name
- kernel-64k
AlmaLinux:9 / kernel-64k-core
Package
- Name
- kernel-64k-core
AlmaLinux:9 / kernel-64k-debug
Package
- Name
- kernel-64k-debug
AlmaLinux:9 / kernel-64k-debug-core
Package
- Name
- kernel-64k-debug-core
AlmaLinux:9 / kernel-64k-debug-devel
Package
- Name
- kernel-64k-debug-devel
AlmaLinux:9 / kernel-64k-debug-devel-matched
Package
- Name
- kernel-64k-debug-devel-matched
AlmaLinux:9 / kernel-64k-debug-modules
Package
- Name
- kernel-64k-debug-modules
AlmaLinux:9 / kernel-64k-debug-modules-core
Package
- Name
- kernel-64k-debug-modules-core
AlmaLinux:9 / kernel-64k-debug-modules-extra
Package
- Name
- kernel-64k-debug-modules-extra
AlmaLinux:9 / kernel-64k-devel
Package
- Name
- kernel-64k-devel
AlmaLinux:9 / kernel-64k-devel-matched
Package
- Name
- kernel-64k-devel-matched
AlmaLinux:9 / kernel-64k-modules
Package
- Name
- kernel-64k-modules
AlmaLinux:9 / kernel-64k-modules-core
Package
- Name
- kernel-64k-modules-core
AlmaLinux:9 / kernel-64k-modules-extra
Package
- Name
- kernel-64k-modules-extra
AlmaLinux:9 / kernel-abi-stablelists
Package
- Name
- kernel-abi-stablelists
AlmaLinux:9 / kernel-core
Package
- Name
- kernel-core
AlmaLinux:9 / kernel-cross-headers
Package
- Name
- kernel-cross-headers
AlmaLinux:9 / kernel-debug
Package
- Name
- kernel-debug
AlmaLinux:9 / kernel-debug-core
Package
- Name
- kernel-debug-core
AlmaLinux:9 / kernel-debug-devel
Package
- Name
- kernel-debug-devel
AlmaLinux:9 / kernel-debug-devel-matched
Package
- Name
- kernel-debug-devel-matched
AlmaLinux:9 / kernel-debug-modules
Package
- Name
- kernel-debug-modules
AlmaLinux:9 / kernel-debug-modules-core
Package
- Name
- kernel-debug-modules-core
AlmaLinux:9 / kernel-debug-modules-extra
Package
- Name
- kernel-debug-modules-extra
AlmaLinux:9 / kernel-debug-uki-virt
Package
- Name
- kernel-debug-uki-virt
AlmaLinux:9 / kernel-devel
Package
- Name
- kernel-devel
AlmaLinux:9 / kernel-devel-matched
Package
- Name
- kernel-devel-matched
AlmaLinux:9 / kernel-doc
Package
- Name
- kernel-doc
AlmaLinux:9 / kernel-headers
Package
- Name
- kernel-headers
AlmaLinux:9 / kernel-modules
Package
- Name
- kernel-modules
AlmaLinux:9 / kernel-modules-core
Package
- Name
- kernel-modules-core
AlmaLinux:9 / kernel-modules-extra
Package
- Name
- kernel-modules-extra
AlmaLinux:9 / kernel-rt
Package
- Name
- kernel-rt
AlmaLinux:9 / kernel-rt-core
Package
- Name
- kernel-rt-core
AlmaLinux:9 / kernel-rt-debug
Package
- Name
- kernel-rt-debug
AlmaLinux:9 / kernel-rt-debug-core
Package
- Name
- kernel-rt-debug-core
AlmaLinux:9 / kernel-rt-debug-devel
Package
- Name
- kernel-rt-debug-devel
AlmaLinux:9 / kernel-rt-debug-modules
Package
- Name
- kernel-rt-debug-modules
AlmaLinux:9 / kernel-rt-debug-modules-core
Package
- Name
- kernel-rt-debug-modules-core
AlmaLinux:9 / kernel-rt-debug-modules-extra
Package
- Name
- kernel-rt-debug-modules-extra
AlmaLinux:9 / kernel-rt-devel
Package
- Name
- kernel-rt-devel
AlmaLinux:9 / kernel-rt-modules
Package
- Name
- kernel-rt-modules
AlmaLinux:9 / kernel-rt-modules-core
Package
- Name
- kernel-rt-modules-core
AlmaLinux:9 / kernel-rt-modules-extra
Package
- Name
- kernel-rt-modules-extra
AlmaLinux:9 / kernel-tools
Package
- Name
- kernel-tools
AlmaLinux:9 / kernel-tools-libs
Package
- Name
- kernel-tools-libs
AlmaLinux:9 / kernel-tools-libs-devel
Package
- Name
- kernel-tools-libs-devel
AlmaLinux:9 / kernel-uki-virt
Package
- Name
- kernel-uki-virt
AlmaLinux:9 / kernel-zfcpdump
Package
- Name
- kernel-zfcpdump
AlmaLinux:9 / kernel-zfcpdump-core
Package
- Name
- kernel-zfcpdump-core
AlmaLinux:9 / kernel-zfcpdump-devel
Package
- Name
- kernel-zfcpdump-devel
AlmaLinux:9 / kernel-zfcpdump-devel-matched
Package
- Name
- kernel-zfcpdump-devel-matched
AlmaLinux:9 / kernel-zfcpdump-modules
Package
- Name
- kernel-zfcpdump-modules
AlmaLinux:9 / kernel-zfcpdump-modules-core
Package
- Name
- kernel-zfcpdump-modules-core
AlmaLinux:9 / kernel-zfcpdump-modules-extra
Package
- Name
- kernel-zfcpdump-modules-extra
AlmaLinux:9 / libperf
Package
- Name
- libperf
AlmaLinux:9 / perf
Package
- Name
- perf
AlmaLinux:9 / python3-perf
Package
- Name
- python3-perf
AlmaLinux:9 / rtla
Package
- Name
- rtla