{"id":"CLSA-2024-1729874131","summary":"kernel: Fix of 43 CVEs","details":"- drm/amdgpu: Validate TA binary size {CVE-2024-44977}\n- drm/amd/display: Avoid overflow from uint32_t to uint8_t {CVE-2024-47661}\n- scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info {CVE-2024-46842}\n- ALSA: line6: Fix racy access to midibuf {CVE-2024-44954}\n- exec: Fix ToCToU between perm check and set-uid/gid usage {CVE-2024-43882}\n- drm/amd/display: Check link_index before accessing dc-\u003elinks[] {CVE-2024-46813}\n- drm/amdgpu/mes: fix mes ring buffer overflow {CVE-2024-46700}\n- RDMA/iwcm: Fix a use-after-free related to destroying CM IDs {CVE-2024-42285}\n- scsi: aacraid: Fix double-free on probe failure {CVE-2024-46673}\n- ipv6: prevent UAF in ip6_send_skb() {CVE-2024-44987}\n- drm/amdgpu: fix mc_data out-of-bounds read warning {CVE-2024-46722}\n- ftrace: Fix possible use-after-free issue in ftrace_location() {CVE-2024-38588}\n- ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() {CVE-2024-38588}\n- ftrace: Store the order of pages allocated in ftrace_page {CVE-2024-38588}\n- ftrace: Check if pages were allocated before calling free_pages() {CVE-2024-38588}\n- x86/ibt,ftrace: Search for __fentry__ location {CVE-2024-38588}\n- drm/amdgpu: fix ucode out-of-bounds read warning {CVE-2024-46723}\n- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() {CVE-2024-46738}\n- sch/netem: fix use after free in netem_dequeue {CVE-2024-46800}\n- drm/amdgpu: Fix out-of-bounds write warning {CVE-2024-46725}\n- drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number {CVE-2024-46724}\n- Squashfs: sanity check symbolic link size {CVE-2024-46744}\n- drm/amd/pm: Fix negative array index read {CVE-2024-46821}\n- drm/amd/display: Check gpio_id before used as array index {CVE-2024-46818}\n- KVM: x86: do not set st-\u003epreempted when going back to user space {CVE-2022-39189}\n- net: Return errno in sk-\u003esk_prot-\u003eget_port(). {CVE-2023-0461}\n- drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box {CVE-2024-46811}\n- ext4: do not create EA inode under buffer lock {CVE-2024-40972}\n- ext4: fold quota accounting into ext4_xattr_inode_lookup_create() {CVE-2024-40972}\n- ext4: check the return value of ext4_xattr_inode_dec_ref() {CVE-2024-40972}\n- ext4: remove duplicate definition of ext4_xattr_ibody_inline_set() {CVE-2024-40972}\n- nvme: avoid double free special payload {CVE-2024-41073}\n- drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL {CVE-2023-52817}\n- wifi: mac80211: Avoid address calculations via out of bounds array indexing {CVE-2024-41071}\n- mISDN: Fix a use after free in hfcmulti_tx() {CVE-2024-42280}\n- tipc: Return non-zero value from tipc_udp_addr2str() on error {CVE-2024-42284}\n- dev/parport: fix the array out-of-bounds risk {CVE-2024-42301}\n- parport: Standardize use of printmode {CVE-2024-42301}\n- parport: Convert printk(KERN_\u003cLEVEL\u003e to pr_\u003clevel\u003e {CVE-2024-42301}\n- parport: parport_pc: Mark expected switch fall-through {CVE-2024-42301}\n- protect the fetch of -\u003efd[fd] in do_dup2() from mispredictions {CVE-2024-42265}\n- leds: trigger: Unregister sysfs attributes before calling deactivate() {CVE-2024-43830}\n- hwmon: (lm95234) Fix underflows seen when writing limit attributes {CVE-2024-46758}\n- HID: amd_sfh: free driver_data after destroying hid device {CVE-2024-46746}\n- hwmon: (adc128d818) Fix underflows seen when writing limit attributes {CVE-2024-46759}\n- hwmon: (w83627ehf) Fix underflows seen when writing limit attributes {CVE-2024-46756}\n- netns: Make get_net_ns() handle zero refcount net {CVE-2024-40958}\n- net: make get_net_ns return error if NET_NS is disabled {CVE-2024-40958}\n- mm, slub: fix potential memoryleak in kmem_cache_open() {CVE-2021-47466}\n- slub: don't panic for memcg kmem cache creation failure {CVE-2021-47466}\n- tunnels: fix out of bounds access when building IPv6 PMTU error {CVE-2024-26665}\n- xfs: don't walk off the end of a directory data block {CVE-2024-42084}\n- firmware: cs_dsp: Fix overflow checking of wmfw header {CVE-2024-41039}\n- hwmon: (nct6775-core) Fix underflows seen when writing limit attributes {CVE-2024-46757}\n- drm/amd/pm: fix the Out-of-bounds read warning {CVE-2024-46731}","modified":"2026-06-01T00:32:55.983703055Z","published":"2024-10-25T17:03:00Z","upstream":["CVE-2024-44977","CVE-2024-47661","CVE-2024-46842","CVE-2024-44954","CVE-2024-43882","CVE-2024-46813","CVE-2024-46700","CVE-2024-42285","CVE-2024-46673","CVE-2024-44987","CVE-2024-46722","CVE-2024-38588","CVE-2024-46723","CVE-2024-46738","CVE-2024-46800","CVE-2024-46725","CVE-2024-46724","CVE-2024-46744","CVE-2024-46821","CVE-2024-46818","CVE-2022-39189","CVE-2023-0461","CVE-2024-46811","CVE-2024-40972","CVE-2024-41073","CVE-2023-52817","CVE-2024-41071","CVE-2024-42280","CVE-2024-42284","CVE-2024-42301","CVE-2024-42265","CVE-2024-43830","CVE-2024-46758","CVE-2024-46746","CVE-2024-46759","CVE-2024-46756","CVE-2024-40958","CVE-2021-47466","CVE-2024-26665","CVE-2024-42084","CVE-2024-41039","CVE-2024-46757","CVE-2024-46731"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/centos8stream-els/CLSA-2024-1729874131.html"}],"affected":[{"package":{"name":"bpftool","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/bpftool?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-core","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-core?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-cross-headers","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-cross-headers?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-debug","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-debug?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-debug-core","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-debug-core?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-debug-devel","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-debug-modules","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-debug-modules?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-debug-modules-extra","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-debug-modules-internal","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-devel","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-devel?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-headers","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-headers?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-ipaclones-internal","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-modules","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-modules?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-modules-extra","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-modules-extra?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-modules-internal","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-modules-internal?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-selftests-internal","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-selftests-internal?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-tools","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-tools?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-tools-libs","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-tools-libs?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"kernel-tools-libs-devel","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"perf","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/perf?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}},{"package":{"name":"python3-perf","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/python3-perf?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1729874131.json"}}],"schema_version":"1.7.5"}