ALSA-2024:5928

Source
https://errata.almalinux.org/9/ALSA-2024-5928.html
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:5928.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2024:5928
Related
Published
2024-08-28T00:00:00Z
Modified
2024-11-03T22:29:00Z
Summary
Important: kernel security update
Details

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: nftables: nft_set_rbtree skip end interval element from gc (CVE-2024-26581)
  • kernel: netfilter: nft_limit: reject configurations that cause integer overflow (CVE-2024-26668)
  • kernel: vfio/pci: Lock external INTx masking ops (CVE-2024-26810)
  • kernel: net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (CVE-2024-26855)
  • kernel: x86/xen: Add some null pointer checking to smp.c (CVE-2024-26908)
  • kernel: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path (CVE-2024-26925)
  • kernel: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (CVE-2024-27020)
  • kernel: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (CVE-2024-27019)
  • kernel: netfilter: flowtable: validate pppoe header (CVE-2024-27016)
  • kernel: netfilter: bridge: confirm multicast packets before passing them up the stack (CVE-2024-27415)
  • kernel: netfilter: bridge: replace physindev with physinif in nf_bridge_info (CVE-2024-35839)
  • kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)
  • kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion (CVE-2024-35897)
  • kernel: netfilter: validate user input for expected length (CVE-2024-35896)
  • kernel: netfilter: complete validation of user input (CVE-2024-35962)
  • kernel: ice: fix LAG and VF lock dependency in ice_reset_vf() (CVE-2024-36003)
  • kernel: cxl/port: Fix delete_endpoint() vs parent unregistration race (CVE-2023-52771)
  • kernel: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (CVE-2023-52880)
  • kernel: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (CVE-2024-36025)
  • kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)
  • kernel: crypto: bcm - Fix pointer arithmetic (CVE-2024-38579)
  • kernel: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (CVE-2024-38544)
  • kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540)
  • kernel: net: bridge: xmit: make sure we have at least eth header len bytes (CVE-2024-38538)
  • kernel: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (CVE-2024-39476)
  • kernel: ipv6: fix possible race in __fib6_drop_pcpu_from() (CVE-2024-40905)
  • kernel: wifi: cfg80211: Lock wiphy in cfg80211_get_station (CVE-2024-40911)
  • kernel: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (CVE-2024-40912)
  • kernel: mm/huge_memory: don't unpoison huge_zero_folio (CVE-2024-40914)
  • kernel: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (CVE-2024-40929)
  • kernel: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail (CVE-2024-40939)
  • kernel: wifi: iwlwifi: mvm: don't read past the mfuart notifcation (CVE-2024-40941)
  • kernel: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors (CVE-2024-40957)
  • kernel: scsi: qedi: Fix crash while reading debugfs attribute (CVE-2024-40978)
  • kernel: tipc: force a dst refcount before doing decryption (CVE-2024-40983)
  • kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)
  • kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)
  • kernel: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (CVE-2024-41041)
  • kernel: NFSv4: Fix memory leak in nfs4_set_security_label (CVE-2024-41076)
  • kernel: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (CVE-2024-42110)
  • kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment (CVE-2024-42152)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:9 / bpftool

Package

Name
bpftool

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
7.3.0-427.33.1.el9_4

AlmaLinux:9 / kernel

Package

Name
kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-64k

Package

Name
kernel-64k

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-64k-core

Package

Name
kernel-64k-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-64k-debug

Package

Name
kernel-64k-debug

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-64k-debug-core

Package

Name
kernel-64k-debug-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-64k-debug-devel

Package

Name
kernel-64k-debug-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-64k-debug-devel-matched

Package

Name
kernel-64k-debug-devel-matched

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-64k-debug-modules

Package

Name
kernel-64k-debug-modules

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-64k-debug-modules-core

Package

Name
kernel-64k-debug-modules-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-64k-debug-modules-extra

Package

Name
kernel-64k-debug-modules-extra

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-64k-devel

Package

Name
kernel-64k-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-64k-devel-matched

Package

Name
kernel-64k-devel-matched

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-64k-modules

Package

Name
kernel-64k-modules

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-64k-modules-core

Package

Name
kernel-64k-modules-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-64k-modules-extra

Package

Name
kernel-64k-modules-extra

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-abi-stablelists

Package

Name
kernel-abi-stablelists

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-core

Package

Name
kernel-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-cross-headers

Package

Name
kernel-cross-headers

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-debug

Package

Name
kernel-debug

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-debug-core

Package

Name
kernel-debug-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-debug-devel

Package

Name
kernel-debug-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-debug-devel-matched

Package

Name
kernel-debug-devel-matched

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-debug-modules

Package

Name
kernel-debug-modules

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-debug-modules-core

Package

Name
kernel-debug-modules-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-debug-modules-extra

Package

Name
kernel-debug-modules-extra

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-debug-uki-virt

Package

Name
kernel-debug-uki-virt

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-devel

Package

Name
kernel-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-devel-matched

Package

Name
kernel-devel-matched

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-doc

Package

Name
kernel-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-headers

Package

Name
kernel-headers

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-modules

Package

Name
kernel-modules

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-modules-core

Package

Name
kernel-modules-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-modules-extra

Package

Name
kernel-modules-extra

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-rt

Package

Name
kernel-rt

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-rt-core

Package

Name
kernel-rt-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-rt-debug

Package

Name
kernel-rt-debug

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-rt-debug-core

Package

Name
kernel-rt-debug-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-rt-debug-devel

Package

Name
kernel-rt-debug-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-rt-debug-modules

Package

Name
kernel-rt-debug-modules

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-rt-debug-modules-core

Package

Name
kernel-rt-debug-modules-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-rt-debug-modules-extra

Package

Name
kernel-rt-debug-modules-extra

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-rt-devel

Package

Name
kernel-rt-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-rt-modules

Package

Name
kernel-rt-modules

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-rt-modules-core

Package

Name
kernel-rt-modules-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-rt-modules-extra

Package

Name
kernel-rt-modules-extra

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-tools

Package

Name
kernel-tools

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-tools-libs

Package

Name
kernel-tools-libs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-tools-libs-devel

Package

Name
kernel-tools-libs-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-uki-virt

Package

Name
kernel-uki-virt

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-zfcpdump

Package

Name
kernel-zfcpdump

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-zfcpdump-core

Package

Name
kernel-zfcpdump-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-zfcpdump-devel

Package

Name
kernel-zfcpdump-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-zfcpdump-devel-matched

Package

Name
kernel-zfcpdump-devel-matched

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-zfcpdump-modules

Package

Name
kernel-zfcpdump-modules

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-zfcpdump-modules-core

Package

Name
kernel-zfcpdump-modules-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / kernel-zfcpdump-modules-extra

Package

Name
kernel-zfcpdump-modules-extra

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / libperf

Package

Name
libperf

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / perf

Package

Name
perf

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / python3-perf

Package

Name
python3-perf

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / rtla

Package

Name
rtla

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4

AlmaLinux:9 / rv

Package

Name
rv

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.0-427.33.1.el9_4