CLSA-2024-1719231016

Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1719231016.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2024-1719231016
Upstream
  • CVE-2024-26908
Published
2024-06-24T12:10:19Z
Modified
2026-05-29T01:34:04.289214663Z
Summary
kernel: Fix of 52 CVEs
Details
  • net: iptunnel: make sure to pull inner header in iptunnel_rcv() {CVE-2024-26882}
  • tls: fix use-after-free on failed backlog decryption {CVE-2024-26800}
  • tls: separate no-async decryption request handling from async {CVE-2024-26584}
  • tls: decrement decrypt_pending if no async completion will be called {CVE-2024-26584}
  • net: tls: fix use-after-free with partial reads and async decrypt {CVE-2024-26582}
  • net: tls: handle backlogging of crypto requests {CVE-2024-26584}
  • net: tls: factor out tls_*crypt_async_wait()
  • tap: tap_open(): correctly initialize socket uid {CVE-2023-1076}
  • tun: tun_chr_open(): correctly initialize socket uid {CVE-2023-1076}
  • net: add sock_init_data_uid() {CVE-2023-1076}
  • netfilter: nf_tables: bail out on mismatching dynset and set expressions {CVE-2023-6622}
  • drm/qxl: fix UAF on handle creation {CVE-2023-39198}
  • smb: client: fix use-after-free bug in cifs_debug_data_proc_show() {CVE-2023-52752}
  • USB: core: Fix deadlock in port "disable" sysfs attribute {CVE-2024-26933}
  • USB: core: Add hub_get() and hub_put() routines {CVE-2024-26933}
  • USB: core: Fix deadlock in usb_deauthorize_interface() {CVE-2024-26934}
  • scsi: qla2xxx: Fix double free of fcport {CVE-2024-26929}
  • netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() {CVE-2024-27020}
  • net: ip_tunnel: prevent perpetual headroom growth {CVE-2024-26804}
  • netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout {CVE-2024-26643}
  • netfilter: nf_tables: disallow anonymous set with timeout flag {CVE-2024-26642}
  • netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations {CVE-2024-26673}
  • ipv6: sr: fix possible use-after-free and null-ptr-deref {CVE-2024-26735}
  • fs: sysfs: Fix reference leak in sysfs_break_active_protection() {CVE-2024-26993}
  • cifs: fix underflow in parse_server_interfaces() {CVE-2024-26828}
  • mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path {CVE-2024-26595}
  • mlxsw: spectrum_acl_tcam: Move devlink param to TCAM code {CVE-2024-26595}
  • mlxsw: spectrum_acl_tcam: Make fini symmetric to init {CVE-2024-26595}
  • mlxsw: spectrum_acl_tcam: Add missing mutex_destroy() {CVE-2024-26595}
  • net: xfrm: Fix xfrm_address_filter OOB read {CVE-2023-39194}
  • exfat: check if filename entries exceeds max filename length {CVE-2023-4273}
  • xfrm: add NULL check in xfrm_update_ae_params {CVE-2023-3772}
  • firmware: arm_scmi: Harden accesses to the reset domains {CVE-2022-48655}
  • tcp: Reduce chance of collisions in inet6_hashfn(). {CVE-2023-1206}
  • ipv4: fix null-deref in ipv4_link_failure {CVE-2023-42754}
  • netfilter: nfnetlink_osf: avoid OOB read {CVE-2023-39189}
  • netfilter: xt_sctp: validate the flag_info count {CVE-2023-39193}
  • net: qcom/emac: Fix use after free bug in emac_remove due to race condition {CVE-2023-33203}
  • net/tls: tls_is_tx_ready() checked list_entry {CVE-2023-1075}
  • HID: asus: use spinlock to safely schedule workers {CVE-2023-1079}
  • HID: asus: use spinlock to protect concurrent accesses {CVE-2023-1079}
  • HID: intel_ish-hid: Add check for ishtp_dma_tx_map {CVE-2023-3358}
  • gfs2: Don't deref jdesc in evict {CVE-2023-3212}
  • fbcon: Check font dimension limits {CVE-2023-3161}
  • KVM: nVMX: add missing consistency checks for CR0 and CR4 {CVE-2023-30456}
  • hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition {CVE-2023-1855}
  • Bluetooth: HCI: Fix global-out-of-bounds {CVE-2023-28866}
  • HID: check empty report_list in hid_validate_values() {CVE-2023-1073}
  • net: mpls: fix stale pointer if allocation fails during device rename {CVE-2023-26545}
  • r8152: Rate limit overflow messages {CVE-2022-3594}
  • drm/vmwgfx: Fix shader stage validation {CVE-2022-36402}
  • Bluetooth: L2CAP: Fix attempting to access uninitialized memory {CVE-2022-42895}
  • dm ioctl: fix nested locking in table_clear() to remove deadlock concern {CVE-2023-2269}
  • mm/slab_common: fix slab_caches list corruption after kmem_cache_destroy() {CVE-2023-52562}
  • i2c: i801: Fix block process call transactions {CVE-2024-26593}
  • bpf: Fix hashtab overflow check on 32-bit arches {CVE-2024-26884}
  • bpf: Fix stackmap overflow check on 32-bit arches {CVE-2024-26883}
  • x86/xen: Add some null pointer checking to smp.c {CVE-2024-26908}
  • RDMA/mlx5: Fix fortify source warning while accessing Eth segment {CVE-2024-26907}
  • Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security {CVE-2024-26903}
  • do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak {CVE-2024-26901}
  • aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts {CVE-2024-26898}
References

Affected packages