{"id":"RLSA-2024:6567","summary":"Moderate: kernel security update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)\n\n* kernel: nfsd: fix RELEASE_LOCKOWNER (CVE-2024-26629)\n\n* kernel: mm: cachestat: fix folio read-after-free in cache walk (CVE-2024-26630)\n\n* kernel: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (CVE-2024-26720)\n\n* kernel: Bluetooth: af_bluetooth: Fix deadlock (CVE-2024-26886)\n\n* kernel: kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address (CVE-2024-26946)\n\n* kernel: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (CVE-2024-35791)\n\n* kernel: mm: cachestat: fix two shmem bugs (CVE-2024-35797)\n\n* kernel: x86/coco: Require seeding RNG with RDRAND on CoCo systems (CVE-2024-35875)\n\n* kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000)\n\n* kernel: iommufd: Fix missing update of domains_itree after splitting iopt_area (CVE-2023-52801)\n\n* kernel: net: fix out-of-bounds access in ops_init (CVE-2024-36883)\n\n* kernel: regmap: maple: Fix cache corruption in regcache_maple_drop() (CVE-2024-36019)\n\n* kernel: usb-storage: alauda: Check whether the media is initialized (CVE-2024-38619)\n\n* kernel: net: bridge: mst: fix vlan use-after-free (CVE-2024-36979)\n\n* kernel: scsi: qedf: Ensure the copied buf is NUL terminated (CVE-2024-38559)\n\n* kernel: xhci: Handle TD clearing for multiple streams case (CVE-2024-40927)\n\n* kernel: cxl/region: Fix memregion leaks in devm_cxl_add_region() (CVE-2024-40936)\n\n* kernel: net/sched: Fix UAF when resolving a clash (CVE-2024-41040)\n\n* kernel: ppp: reject claimed-as-LCP but actually malformed packets (CVE-2024-41044)\n\n* kernel: mm: prevent derefencing NULL ptr in pfn_section_valid() (CVE-2024-41055)\n\n* kernel: PCI/MSI: Fix UAF in msi_capability_init (CVE-2024-41096)\n\n* kernel: xdp: Remove WARN() from __xdp_reg_mem_model() (CVE-2024-42082)\n\n* kernel: x86: stop playing stack games in profile_pc() (CVE-2024-42096)\n\n* kernel: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (CVE-2024-42102)\n\n* kernel: mm: avoid overflows in dirty throttling logic (CVE-2024-42131)\n\n* kernel: nvme: avoid double free special payload (CVE-2024-41073)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-02-05T12:30:08.206914Z","published":"2024-09-17T00:55:50.347070Z","upstream":["CVE-2023-52463","CVE-2023-52801","CVE-2024-26629","CVE-2024-26630","CVE-2024-26720","CVE-2024-26886","CVE-2024-26946","CVE-2024-35791","CVE-2024-35797","CVE-2024-35875","CVE-2024-36000","CVE-2024-36019","CVE-2024-36883","CVE-2024-36979","CVE-2024-38559","CVE-2024-38619","CVE-2024-40927","CVE-2024-40936","CVE-2024-41040","CVE-2024-41044","CVE-2024-41055","CVE-2024-41073","CVE-2024-41096","CVE-2024-42082","CVE-2024-42096","CVE-2024-42102","CVE-2024-42131"],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2024:6567"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2265797"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2269434"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2269436"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273141"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275678"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278206"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281052"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281151"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281727"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281968"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2282709"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284271"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284402"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293273"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293276"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293440"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297511"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297520"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300409"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300414"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300429"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300491"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300520"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300713"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301465"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301496"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301637"}],"affected":[{"package":{"name":"kernel","ecosystem":"Rocky Linux:9","purl":"pkg:rpm/rocky-linux/kernel?distro=rocky-linux-9&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.14.0-427.35.1.el9_4"}],"database_specific":{"yum_repository":"RT"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2024:6567.json"}}],"schema_version":"1.7.3","credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}