{"id":"RLSA-2024:4928","summary":"Moderate: kernel security update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned (CVE-2023-52458)\n\n* kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (CVE-2024-26773)\n\n* kernel: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel (CVE-2024-26737)\n\n* kernel: dm: call the resume method on internal suspend (CVE-2024-26880)\n\n* kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852)\n\n* kernel: Squashfs: check the inode number is not the invalid value of zero (CVE-2024-26982)\n\n* kernel: nfp: flower: handle acti_netdevs allocation failure (CVE-2024-27046)\n\n* kernel: octeontx2-af: Use separate handlers for interrupts (CVE-2024-27030)\n\n* kernel: icmp: prevent possible NULL dereferences from icmp_build_probe() (CVE-2024-35857)\n\n* kernel: mlxbf_gige: call request_irq() after NAPI initialized (CVE-2024-35907)\n\n* kernel: mlxbf_gige: stop interface during shutdown (CVE-2024-35885)\n\n* kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (CVE-2023-52809)\n\n* kernel: can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (CVE-2021-47459)\n\n* kernel: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (CVE-2024-36924)\n\n* kernel: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (CVE-2024-36952)\n\n* kernel: net: amd-xgbe: Fix skb data length underflow (CVE-2022-48743)\n\n* kernel: epoll: be better about file lifetimes (CVE-2024-38580)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-02-05T13:30:14.987425Z","published":"2024-08-01T01:29:12.010642Z","upstream":["CVE-2021-47459","CVE-2022-48743","CVE-2023-52458","CVE-2023-52809","CVE-2024-26737","CVE-2024-26773","CVE-2024-26852","CVE-2024-26880","CVE-2024-26982","CVE-2024-27030","CVE-2024-27046","CVE-2024-35857","CVE-2024-35885","CVE-2024-35907","CVE-2024-36924","CVE-2024-36952","CVE-2024-38580"],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2024:4928"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265794"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273236"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273274"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275690"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275761"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278337"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278435"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278473"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281247"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281647"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281700"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282669"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282898"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284506"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284598"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293316"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293412"}],"affected":[{"package":{"name":"kernel","ecosystem":"Rocky Linux:9","purl":"pkg:rpm/rocky-linux/kernel?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.14.0-427.28.1.el9_4"}],"database_specific":{"yum_repository":"RT"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2024:4928.json"}}],"schema_version":"1.7.3","credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}