{"id":"CLSA-2024-1731431059","summary":"kernel: Fix of 31 CVEs","details":"- driver core: bus: Fix double free in driver API bus_register() {CVE-2024-50055}\n- net: tun: Fix use-after-free in tun_detach() {CVE-2022-49014}\n- memcg: fix possible use-after-free in memcg_write_event_control() {CVE-2022-48988}\n- ppp: fix ppp_async_encode() illegal access {CVE-2024-50035}\n- drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error {CVE-2024-47698}\n- hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails {CVE-2022-49029}\n- tipc: guard against string buffer overrun {CVE-2024-49995}\n- ext4: fix double brelse() the buffer of the extents path {CVE-2024-49882}\n- ACPI: sysfs: validate return type of _STR method {CVE-2024-49860}\n- ext4: aovid use-after-free in ext4_ext_insert_extent() {CVE-2024-49883}\n- ext4: no need to continue when the number of entries is 1 {CVE-2024-49967}\n- padata: Fix possible divide-by-0 panic in padata_mt_helper() {CVE-2024-43889}\n- hwmon: (coretemp) Check for null before removing sysfs attrs {CVE-2022-49010}\n- drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error {CVE-2024-47697}\n- wifi: ath11k: fix array out-of-bound access in SoC stats {CVE-2024-49930}\n- ipv6: avoid use-after-free in ip6_fragment() {CVE-2022-48956}\n- netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() {CVE-2024-47685}\n- drm/i915/gt: Fix potential UAF by revoke of fence registers {CVE-2024-41092}\n- slip: make slhc_remember() more robust against malicious packets {CVE-2024-50033}\n- drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer {CVE-2024-49991}\n- tty: n_gsm: Fix use-after-free in gsm_cleanup_mux {CVE-2024-50073}\n- ext4: fix timer use-after-free on failed mount {CVE-2024-49960}\n- ext4: avoid use-after-free in ext4_ext_show_leaf() {CVE-2024-49889}\n- mm: call the security_mmap_file() LSM hook in remap_file_pages() {CVE-2024-47745}\n- firmware_loader: Block path traversal {CVE-2024-47742}\n- ext4: avoid OOB when system.data xattr changes underneath the filesystem {CVE-2024-47701}\n- tcp: drop the hash_32() part from the index calculation {CVE-2022-1012}\n- tcp: increase source port perturb table to 2^16 {CVE-2022-1012}\n- tcp: dynamically allocate the perturb table used by source ports {CVE-2022-1012}\n- net: dccp: fix kernel crash on module load {CVE-2022-1012}\n- net: dccp: initialize (addr,port) listening hashtable {CVE-2022-1012}\n- tcp: add small random increments to the source port {CVE-2022-1012}\n- tcp: resalt the secret every 10 seconds {CVE-2022-1012}\n- tcp: use different parts of the port_offset for index and offset {CVE-2022-1012}\n- secure_seq: use the 64 bits of the siphash for port offset calculation {CVE-2022-1012}\n- Revert \"[ELSCVE-6395] secure_seq: use the 64 bits of the siphash for port offset calculation\" {CVE-2022-1012}\n- tcp: add some entropy in __inet_hash_connect() {CVE-2022-1012}\n- tcp: change source port randomizarion at connect() time {CVE-2022-1012}\n- esp: limit skb_page_frag_refill use to a single page {CVE-2022-27666}\n- drm/vmwgfx: Fix stale file descriptors on failed usercopy {CVE-2022-22942}\n- PM-runtime: add tracepoints for usage_count changes {CVE-2022-0330}\n- fget: clarify and improve __fget_files() implementation {CVE-2021-4083}\n- proc/fd: In proc_fd_link use fget_task {CVE-2021-4083}\n- kcmp: In kcmp_epoll_target use fget_task {CVE-2021-4083}\n- file: Rename __fcheck_files to files_lookup_fd_raw {CVE-2021-4083}\n- fget: check that the fd still exists after getting a ref to it {CVE-2021-4083}\n- Revert \"[ELSCVE-2732] fget: check that the fd still exists after getting a ref to it\" {CVE-2021-4083}\n- file: Replace fcheck_files with files_lookup_fd_rcu {CVE-2021-4083}\n- file: Factor files_lookup_fd_locked out of fcheck_files {CVE-2021-4083}","modified":"2026-06-01T00:33:22.807065764Z","published":"2024-11-12T17:04:25Z","upstream":["CVE-2024-50055","CVE-2022-49014","CVE-2022-48988","CVE-2024-50035","CVE-2024-47698","CVE-2022-49029","CVE-2024-49995","CVE-2024-49882","CVE-2024-49860","CVE-2024-49883","CVE-2024-49967","CVE-2024-43889","CVE-2022-49010","CVE-2024-47697","CVE-2024-49930","CVE-2022-48956","CVE-2024-47685","CVE-2024-41092","CVE-2024-50033","CVE-2024-49991","CVE-2024-50073","CVE-2024-49960","CVE-2024-49889","CVE-2024-47745","CVE-2024-47742","CVE-2024-47701","CVE-2022-1012","CVE-2022-27666","CVE-2022-22942","CVE-2022-0330","CVE-2021-4083"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/centos8.5-els/CLSA-2024-1731431059.html"}],"affected":[{"package":{"name":"bpftool","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/bpftool?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-core","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-core?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-cross-headers","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-cross-headers?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-debug","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-debug-core","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-core?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-debug-devel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-debug-modules","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-modules?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-debug-modules-extra","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-debug-modules-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-devel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-devel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-headers","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-headers?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-ipaclones-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-modules","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-modules?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-modules-extra","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-modules-extra?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-modules-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-modules-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-selftests-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-selftests-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-tools","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-tools?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-tools-libs","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-tools-libs?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"kernel-tools-libs-devel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"perf","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/perf?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}},{"package":{"name":"python3-perf","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/python3-perf?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els22"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1731431059.json"}}],"schema_version":"1.7.5"}