{"id":"RLSA-2024:8856","summary":"Moderate: kernel security update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set() (CVE-2024-24857)\n\n* kernel: dmaengine: fix NULL pointer in channel unregistration function (CVE-2023-52492)\n\n* kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (CVE-2024-26851)\n\n* kernel: netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)\n\n* kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump (CVE-2024-27017)\n\n* kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed (CVE-2024-26976)\n\n* kernel: nouveau: lock the client object tree. (CVE-2024-27062)\n\n* kernel: netfilter: bridge: replace physindev with physinif in nf_bridge_info (CVE-2024-35839)\n\n* kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)\n\n* kernel: dma-direct: Leak pages on dma_set_decrypted() failure (CVE-2024-35939)\n\n* kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)\n\n* kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)\n\n* kernel: of: module: add buffer overflow check in of_modalias() (CVE-2024-38541)\n\n* kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540)\n\n* kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (CVE-2024-39503)\n\n* kernel: drm/i915/dpt: Make DPT object unshrinkable (CVE-2024-40924)\n\n* kernel: ipv6: prevent possible NULL deref in fib6_nh_init() (CVE-2024-40961)\n\n* kernel: tipc: force a dst refcount before doing decryption (CVE-2024-40983)\n\n* kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CVE-2024-40984)\n\n* kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CVE-2022-48773)\n\n* kernel: bpf: Fix overrunning reservations in ringbuf (CVE-2024-41009)\n\n* kernel: netfilter: nf_tables: prefer nft_chain_validate (CVE-2024-41042)\n\n* kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)\n\n* kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers (CVE-2024-41092)\n\n* kernel: drm/amdgpu: avoid using null object of framebuffer (CVE-2024-41093)\n\n* kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (CVE-2024-42070)\n\n* kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush (CVE-2024-42079)\n\n* kernel: USB: serial: mos7840: fix crash on resume (CVE-2024-42244)\n\n* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)\n\n* kernel: kobject_uevent: Fix OOB access within zap_modalias_env() (CVE-2024-42292)\n\n* kernel: dev/parport: fix the array out-of-bounds risk (CVE-2024-42301)\n\n* kernel: block: initialize integrity buffer to zero before writing it to media (CVE-2024-43854)\n\n* kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning (CVE-2024-43880)\n\n* kernel: gso: do not skip outer ip header in case of ipip and net_failover (CVE-2022-48936)\n\n* kernel: padata: Fix possible divide-by-0 panic in padata_mt_helper() (CVE-2024-43889)\n\n* kernel: memcg: protect concurrent access to mem_cgroup_idr (CVE-2024-43892)\n\n* kernel: sctp: Fix null-ptr-deref in reuseport_add_sock(). (CVE-2024-44935)\n\n* kernel: bonding: fix xfrm real_dev null pointer dereference (CVE-2024-44989)\n\n* kernel: bonding: fix null pointer deref in bond_ipsec_offload_ok (CVE-2024-44990)\n\n* kernel: netfilter: flowtable: initialise extack before use (CVE-2024-45018)\n\n* kernel: ELF: fix kernel.randomize_va_space double read (CVE-2024-46826)\n\n* kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (CVE-2024-47668)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-02-05T12:45:05.361673Z","published":"2024-11-08T15:56:34.521391Z","upstream":["CVE-2022-48773","CVE-2022-48936","CVE-2023-52492","CVE-2024-24857","CVE-2024-26851","CVE-2024-26924","CVE-2024-26976","CVE-2024-27017","CVE-2024-27062","CVE-2024-35839","CVE-2024-35898","CVE-2024-35939","CVE-2024-38540","CVE-2024-38541","CVE-2024-38586","CVE-2024-38608","CVE-2024-39503","CVE-2024-40924","CVE-2024-40961","CVE-2024-40983","CVE-2024-40984","CVE-2024-41009","CVE-2024-41042","CVE-2024-41066","CVE-2024-41092","CVE-2024-41093","CVE-2024-42070","CVE-2024-42079","CVE-2024-42244","CVE-2024-42284","CVE-2024-42292","CVE-2024-42301","CVE-2024-43854","CVE-2024-43880","CVE-2024-43889","CVE-2024-43892","CVE-2024-44935","CVE-2024-44989","CVE-2024-44990","CVE-2024-45018","CVE-2024-46826","CVE-2024-47668"],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2024:8856"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2266247"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2269183"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275750"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2277168"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278262"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278350"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2278387"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281284"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281669"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2281817"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293356"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293402"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293458"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2293459"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297475"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297508"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297545"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297567"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297568"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298109"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298412"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300412"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300442"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300487"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300488"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300508"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2300517"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307862"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307865"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2307892"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309852"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309853"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2311715"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315178"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317601"}],"affected":[{"package":{"name":"kernel","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/kernel?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.18.0-553.27.1.el8_10"}],"database_specific":{"yum_repository":"BaseOS"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2024:8856.json"}}],"schema_version":"1.7.3","credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}