{"id":"CLSA-2024-1727690025","summary":"kernel: Fix of 80 CVEs","details":"- sch/netem: fix use after free in netem_dequeue {CVE-2024-46800}\n- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() {CVE-2024-46738}\n- drm/amdgpu: Fix out-of-bounds write warning {CVE-2024-46725}\n- drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number {CVE-2024-46724}\n- drm/amdgpu: fix ucode out-of-bounds read warning {CVE-2024-46723}\n- drm/amdgpu: fix mc_data out-of-bounds read warning {CVE-2024-46722}\n- scsi: aacraid: Fix double-free on probe failure {CVE-2024-46673}\n- ipv6: prevent UAF in ip6_send_skb() {CVE-2024-44987}\n- exec: Fix ToCToU between perm check and set-uid/gid usage {CVE-2024-43882}\n- dev/parport: fix the array out-of-bounds risk {CVE-2024-42301}\n- RDMA/iwcm: Fix a use-after-free related to destroying CM IDs {CVE-2024-42285}\n- tipc: Return non-zero value from tipc_udp_addr2str() on error {CVE-2024-42284}\n- mISDN: Fix a use after free in hfcmulti_tx() {CVE-2024-42280}\n- nvme: avoid double free special payload {CVE-2024-41073}\n- wifi: mac80211: Avoid address calculations via out of bounds array indexing {CVE-2024-41071}\n- xfs: don't walk off the end of a directory data block {CVE-2024-41013}\n- tunnels: fix out of bounds access when building IPv6 PMTU error {CVE-2024-26665}\n- KVM: x86/mmu: make apf token non-zero to fix bug {CVE-2022-48943}\n- cifs: fix double free race when mount fails in cifs_get_root() {CVE-2022-48919}\n- netfilter: fix use-after-free in __nf_register_net_hook() {CVE-2022-48912}\n- rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() {CVE-2022-48742}\n- selinux: fix double free of cond_list on error paths {CVE-2022-48740}\n- ALSA: hda: Fix UAF of leds class devs at unbinding {CVE-2022-48735}\n- drm/nouveau: fix off by one in BIOS boundary checking {CVE-2022-48732}\n- mm, slub: fix potential memoryleak in kmem_cache_open() {CVE-2021-47466}\n- x86/coco: Disable 32-bit emulation by default on TDX and SEV {CVE-2024-25744}\n- x86: Make IA32_EMULATION boot time configurable {CVE-2024-25744}\n- x86/entry: Make IA32 syscalls' availability depend on ia32_enabled() {CVE-2024-25744}\n- x86/elf: Make loading of 32bit processes depend on ia32_enabled() {CVE-2024-25744}\n- x86/entry: Rename ignore_sysret() {CVE-2024-25744}\n- x86/cpu: Don't write CSTAR MSR on Intel CPUs {CVE-2024-25744}\n- x86: Introduce ia32_enabled() {CVE-2024-25744}\n- scsi: qedf: Make qedf_execute_tmf() non-preemptible {CVE-2024-42124}\n- ftruncate: pass a signed offset {CVE-2024-42084}\n- USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor {CVE-2024-41035}\n- xfs: add bounds checking to xlog_recover_process_data {CVE-2024-41014}\n- drm/radeon: fix UBSAN warning in kv_dpm.c {CVE-2024-40988}\n- ring-buffer: Fix a race between readers and resize checks {CVE-2024-38601}\n- Input: cyapa - add missing input core locking to suspend/resume functions {CVE-2023-52884}\n- Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() {CVE-2023-52840}\n- wifi: ath11k: fix htt pktlog locking {CVE-2023-52800}\n- wifi: ath11k: fix dfs radar event locking {CVE-2023-52798}\n- ACPI: LPIT: Avoid u32 multiplication overflow {CVE-2023-52683}\n- ACPI: extlog: fix NULL pointer dereference check {CVE-2023-52605}\n- HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect {CVE-2023-52478}\n- USB: core: Fix hang in usb_kill_urb by adding memory barriers {CVE-2022-48760}\n- phylib: fix potential use-after-free {CVE-2022-48754}\n- serial: core: fix transmit-buffer reset and memleak {CVE-2021-47527}\n- nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells {CVE-2021-47497}\n- mlxsw: thermal: Fix out-of-bounds memory accesses {CVE-2021-47441}\n- hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs {CVE-2021-47393}\n- hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field {CVE-2021-47386}\n- hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field {CVE-2021-47385}\n- hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field {CVE-2021-47384}\n- virtio-net: Add validation for used length {CVE-2021-47352}\n- watchdog: Fix possible use-after-free by calling del_timer_sync() {CVE-2021-47321}\n- ACPI: fix NULL pointer dereference {CVE-2021-47289}\n- ipv6: prevent possible NULL dereference in rt6_probe() {CVE-2024-40960}\n- xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() {CVE-2024-40959}\n- wifi: iwlwifi: mvm: don't read past the mfuart notifcation {CVE-2024-40941}\n- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids {CVE-2024-40929}\n- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() {CVE-2024-40912}\n- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages {CVE-2024-40904}\n- scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory {CVE-2024-40901}\n- liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet {CVE-2024-39506}\n- vmci: prevent speculation leaks by sanitizing event in event_deliver() {CVE-2024-39499}\n- crypto: bcm - Fix pointer arithmetic {CVE-2024-38579}\n- scsi: qedf: Ensure the copied buf is NUL terminated {CVE-2024-38559}\n- net: openvswitch: fix overwriting ct original tuple for ICMPv6 {CVE-2024-38558}\n- scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload {CVE-2024-36919}\n- netfilter: complete validation of user input {CVE-2024-35962}\n- VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() {CVE-2024-35944}\n- ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() {CVE-2024-26894}\n- dm: call the resume method on internal suspend {CVE-2024-26880}\n- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() {CVE-2024-26855}\n- mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again {CVE-2024-26720}\n- tracing: Ensure visibility when inserting an element into tracing_map {CVE-2024-26645}\n- scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() {CVE-2023-52809}\n- drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() {CVE-2023-52470}\n- Input: add bounds checking to input_set_capability() {CVE-2022-48619}\n- tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383}\n- bnx2x: Fix multiple UBSAN array-index-out-of-bounds {CVE-2024-42148}\n- net: do not leave a dangling sk pointer, when socket creation fails {CVE-2024-40954}\n- media: xc2028: avoid use-after-free in load_firmware_cb() {CVE-2024-43900}\n- fou: remove warn in gue_gro_receive on unsupported protocol {CVE-2024-44940}\n- PCI/MSI: Fix UAF in msi_capability_init {CVE-2024-41096}","modified":"2026-06-01T00:33:22.734976184Z","published":"2024-09-30T09:53:48Z","upstream":["CVE-2024-46800","CVE-2024-46738","CVE-2024-46725","CVE-2024-46724","CVE-2024-46723","CVE-2024-46722","CVE-2024-46673","CVE-2024-44987","CVE-2024-43882","CVE-2024-42301","CVE-2024-42285","CVE-2024-42284","CVE-2024-42280","CVE-2024-41073","CVE-2024-41071","CVE-2024-41013","CVE-2024-26665","CVE-2022-48943","CVE-2022-48919","CVE-2022-48912","CVE-2022-48742","CVE-2022-48740","CVE-2022-48735","CVE-2022-48732","CVE-2021-47466","CVE-2024-25744","CVE-2024-42124","CVE-2024-42084","CVE-2024-41035","CVE-2024-41014","CVE-2024-40988","CVE-2024-38601","CVE-2023-52884","CVE-2023-52840","CVE-2023-52800","CVE-2023-52798","CVE-2023-52683","CVE-2023-52605","CVE-2023-52478","CVE-2022-48760","CVE-2022-48754","CVE-2021-47527","CVE-2021-47497","CVE-2021-47441","CVE-2021-47393","CVE-2021-47386","CVE-2021-47385","CVE-2021-47384","CVE-2021-47352","CVE-2021-47321","CVE-2021-47289","CVE-2024-40960","CVE-2024-40959","CVE-2024-40941","CVE-2024-40929","CVE-2024-40912","CVE-2024-40904","CVE-2024-40901","CVE-2024-39506","CVE-2024-39499","CVE-2024-38579","CVE-2024-38559","CVE-2024-38558","CVE-2024-36919","CVE-2024-35962","CVE-2024-35944","CVE-2024-26894","CVE-2024-26880","CVE-2024-26855","CVE-2024-26720","CVE-2024-26645","CVE-2023-52809","CVE-2023-52470","CVE-2022-48619","CVE-2021-47383","CVE-2024-42148","CVE-2024-40954","CVE-2024-43900","CVE-2024-44940","CVE-2024-41096"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/centos8.5-els/CLSA-2024-1727690025.html"}],"affected":[{"package":{"name":"bpftool","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/bpftool?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-core","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-core?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-cross-headers","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-cross-headers?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-debug","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-debug-core","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-core?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-debug-devel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-debug-modules","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-modules?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-debug-modules-extra","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-debug-modules-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-devel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-devel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-headers","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-headers?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-ipaclones-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-modules","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-modules?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-modules-extra","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-modules-extra?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-modules-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-modules-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-selftests-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-selftests-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-tools","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-tools?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-tools-libs","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-tools-libs?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"kernel-tools-libs-devel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"perf","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/perf?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}},{"package":{"name":"python3-perf","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/python3-perf?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els20"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1727690025.json"}}],"schema_version":"1.7.5"}