{"id":"CLSA-2024-1722977984","summary":"kernel: Fix of 16 CVEs","details":"- ima: Fix use-after-free on a dentry's dname.name {CVE-2024-39494}\n- ima: define ima_max_digest_data struct without a flexible array variable\n- ima: detect changes to the backing overlay file\n- tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). {CVE-2024-36904}\n- af_unix: Fix garbage collector racing against connect() {CVE-2024-26923}\n- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() {CVE-2024-26852}\n- net/mlx5: Fix a race on command flush flow {CVE-2022-48858}\n- sctp: fix kernel-infoleak for SCTP sockets {CVE-2022-48855}\n- bpf: Add MEM_RDONLY for helper args that are pointers to rdonly mem. {CVE-2022-0500}\n- bpf: Make per_cpu_ptr return rdonly PTR_TO_MEM. {CVE-2022-0500}\n- bpf: Introduce MEM_RDONLY flag {CVE-2022-0500}\n- bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL {CVE-2022-0500}\n- bpf: Replace RET_XXX_OR_NULL with RET_XXX | PTR_MAYBE_NULL {CVE-2022-0500}\n- bpf: Replace ARG_XXX_OR_NULL with ARG_XXX | PTR_MAYBE_NULL {CVE-2022-0500}\n- bpf: Introduce composable reg, ret and arg types. {CVE-2022-0500}\n- bpf: Extract nullable reg type conversion into a helper function {CVE-2022-0500}\n- bpf: Rename bpf_reg_state variables {CVE-2022-0500}\n- libbpf: Fix use-after-free in btf_dump_name_dups {CVE-2022-3534}\n- net: fix __dst_negative_advice() race {CVE-2024-36971}\n- ext4: fix kernel BUG in 'ext4_write_inline_data_end()' {CVE-2021-33631}\n- tipc: fix UAF in error path {CVE-2024-36886}\n- smb: client: fix parsing of SMB3.1.1 POSIX create context {CVE-2023-52434}\n- smb: client: fix potential OOBs in smb2_parse_contexts() {CVE-2023-52434}\n- perf: Disallow mis-matched inherited group reads {CVE-2023-5717}\n- af_unix: Fix null-ptr-deref in unix_stream_sendpage(). {CVE-2023-4622}\n- sched/rt: pick_next_rt_entity(): check list_entry {CVE-2023-1077}\n- i2c: Fix a potential use after free {CVE-2019-25162}","modified":"2026-05-27T11:35:52.819591184Z","published":"2024-08-06T20:59:47Z","upstream":["CVE-2019-25162","CVE-2021-33631","CVE-2022-0500","CVE-2022-3534","CVE-2022-48855","CVE-2022-48858","CVE-2023-1077","CVE-2023-4622","CVE-2023-52434","CVE-2023-5717","CVE-2024-26852","CVE-2024-26923","CVE-2024-36886","CVE-2024-36904","CVE-2024-36971","CVE-2024-39494"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/centos8.5-els/CLSA-2024-1722977984.html"}],"affected":[{"package":{"name":"bpftool","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/bpftool?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-core","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-core?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-cross-headers","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-cross-headers?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-debug","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-debug-core","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-core?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-debug-devel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-debug-modules","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-modules?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-debug-modules-extra","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-debug-modules-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-devel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-devel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-headers","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-headers?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-ipaclones-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-modules","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-modules?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-modules-extra","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-modules-extra?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-modules-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-modules-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-selftests-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-selftests-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-tools","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-tools?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-tools-libs","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-tools-libs?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"kernel-tools-libs-devel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"perf","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/perf?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}},{"package":{"name":"python3-perf","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/python3-perf?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els18"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"}}],"schema_version":"1.7.5"}