CLSA-2024-1719932549

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2024-1719932549
Upstream
Published
2024-07-02T15:02:32Z
Modified
2026-05-29T01:37:01.583099237Z
Summary
kernel: Fix of 20 CVEs
Details
  • net: iptunnel: make sure to pull inner header in iptunnel_rcv() {CVE-2024-26882}
  • net: Set true network header for ECN decapsulation {CVE-2024-26882}
  • media: dvb-core: Fix use-after-free due to race at dvbregisterdevice() {CVE-2022-45884}
  • media: dvbdev: fix error logic at dvbregisterdevice() {CVE-2022-45884}
  • media: dvbdev: Fix memleak in dvbregisterdevice {CVE-2022-45884}
  • media: media/dvb: Use kmemdup rather than duplicating its implementation {CVE-2022-45884}
  • media: dvbdev: drop refcount on error path in dvbdeviceopen() {CVE-2022-45884}
  • media: dvbdev: fix refcnt bug {CVE-2022-45884}
  • media: dvbdev: adopts refcnt to avoid UAF {CVE-2022-45884}
  • netfilter: nf_tables: Fix potential data-race in _nftexprtypeget() {CVE-2024-27020}
  • netfilter: nf_tables: _nftexprtypeget() selects specific family type {CVE-2024-27020}
  • scsi: qla2xxx: Fix double free of fcport {CVE-2024-26929}
  • of: fdt: fix off-by-one error in unflattendtnodes() {CVE-2022-48672}
  • USB: core: Fix deadlock in usbdeauthorizeinterface() {CVE-2024-26934}
  • smb: client: fix use-after-free bug in cifsdebugdataprocshow() {CVE-2023-52752}
  • netfilter: nf_tables: disallow anonymous set with timeout flag {CVE-2024-26642}
  • media: technisat-usb2: break out of loop at end of buffer {CVE-2019-15505}
  • Input: gtco - bounds check collection indent level {CVE-2019-13631}
  • ext4: fix kernel infoleak via ext4extentheader {CVE-2022-0850}
  • media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors {CVE-2020-0404}
  • netfilter: nftsetpipapo: skip inactive elements during set walk {CVE-2023-6817}
  • libceph: harden msgr2.1 frame segment length checks {CVE-2023-44466}
  • media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() {CVE-2023-31084}
  • dm ioctl: fix nested locking in table_clear() to remove deadlock concern {CVE-2023-2269}
  • hwmon: (xgene) Fix use after free bug in xgenehwmonremove due to race condition {CVE-2023-1855}
  • HID: betop: check shape of output reports {CVE-2023-1073}
  • RDMA/core: Don't infoleak GRH fields {CVE-2021-3923}
  • HID: betop: fix slab-out-of-bounds Write in betop_probe {CVE-2023-1073}
  • HID: check empty reportlist in hidvalidate_values() {CVE-2023-1073}
  • media: ttusb-dec: fix memory leak in ttusbdecexit_dvb() {CVE-2022-45887}
References

Affected packages