CLSA-2024-1725871927

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1725871927.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2024-1725871927
Upstream
Published
2024-09-09T09:35:46Z
Modified
2026-05-29T01:37:20.901393516Z
Summary
kernel: Fix of 30 CVEs
Details
  • gfs2: Fix potential glock use-after-free on unmount {CVE-2024-38570}
  • gfs2: Remove ill-placed consistency check {CVE-2024-38570}
  • gfs2: introduce new gfs2glockassert_withdraw {CVE-2024-38570}
  • gfs2: simplify gdlmputlock with out_free label {CVE-2024-38570}
  • wifi: mt76: replace skbput with skbput_zero {CVE-2024-42225}
  • bpf: Avoid uninitialized value in BPFCOREREAD_BITFIELD {CVE-2024-42161}
  • drm/amdgpu/mes: fix use-after-free issue {CVE-2024-38581}
  • drm/amd/display: Fix potential index out of bounds in color transformation function {CVE-2024-38552}
  • net: bridge: mst: fix suspicious rcu usage in brmstset_state {CVE-2024-36979}
  • net: bridge: mst: pass vlan group directly to brmstvlansetstate {CVE-2024-36979}
  • net: bridge: mst: fix vlan use-after-free {CVE-2024-36979}
  • netfilter: nft_limit: reject configurations that cause integer overflow {CVE-2024-26668}
  • ima: Fix use-after-free on a dentry's dname.name {CVE-2024-39494}
  • ima: define imamaxdigest_data struct without a flexible array variable
  • ima: detect changes to the backing overlay file
  • drm/amdgpu: Using uninitialized value *size when calling amdgpuvcecs_reloc {CVE-2024-42228}
  • dmaengine: idxd: Fix possible Use-After-Free in irqprocesswork_list {CVE-2024-40956}
  • drm/amdgpu: add error handle to avoid out-of-bounds {CVE-2024-39471}
  • net/sched: flower: Fix chain template offload {CVE-2024-26669}
  • userfaultfd: fix a race between writeprotect and exit_mmap() {CVE-2021-47461}
  • scsi: mpi3mr: Sanitise num_phys {CVE-2024-42159}
  • ata: libata-core: Fix double free on error {CVE-2024-41087}
  • net/mlx5: Discard command completions in internal error {CVE-2024-38555}
  • net: bridge: xmit: make sure we have at least eth header len bytes {CVE-2024-38538}
  • net: sched: schmultiq: fix possible OOB write in multiqtune() {CVE-2024-36978}
  • drm/vmwgfx: Fix invalid reads in fence signaled events {CVE-2024-36960}
  • tcp: Use refcountincnotzero() in tcptwsk_unique(). {CVE-2024-36904}
  • tipc: fix UAF in error path {CVE-2024-36886}
  • net: fix out-of-bounds access in ops_init {CVE-2024-36883}
  • tap: add missing verification for short frame {CVE-2024-41090}
  • tun: add missing verification for short frame {CVE-2024-41091}
  • netfilter: nf_tables: use timestamp to check for set element timeout {CVE-2024-27397}
  • netfilter: nftables: release mutex after nftgcseqend from abort path {CVE-2024-26925}
  • netfilter: nf_tables: release batch on table validation from abort path {CVE-2024-26925}
  • netfilter: nf_tables: discard table flag update with pending basechain deletion {CVE-2024-26925}
  • netfilter: nf_tables: reject table flag and netdev basechain updates {CVE-2024-26925}
  • af_unix: Fix garbage collector racing against connect() {CVE-2024-26923}
  • net/ipv6: avoid possible UAF in ip6routempath_notify() {CVE-2024-26852}
  • sched/psi: Fix use-after-free in epremovewait_queue() {CVE-2023-52707}
  • wait: add wakeuppollfree() {CVE-2023-52707}
  • tcp_metrics: validate source addr length {CVE-2024-42154}
References

Affected packages