{"id":"CLSA-2024-1725293298","summary":"kernel: Fix of 37 CVEs","details":"- tun: add missing verification for short frame {CVE-2024-41091}\n- tap: add missing verification for short frame {CVE-2024-41090}\n- drm/amd/display: Fix potential index out of bounds in color transformation function {CVE-2024-38552}\n- net: fix __dst_negative_advice() race {CVE-2024-36971}\n- net: annotate data-races around sk-\u003esk_dst_pending_confirm {CVE-2024-36971}\n- net: fix out-of-bounds access in ops_init {CVE-2024-36883}\n- net/sched: flower: Fix chain template offload {CVE-2024-26669}\n- netfilter: nf_tables: use timestamp to check for set element timeout {CVE-2024-27397}\n- netfilter: nft_set_rbtree: Remove unused variable nft_net {CVE-2024-27397}\n- netfilter: nft_set_rbtree: prefer sync gc to async worker {CVE-2024-27397}\n- netfilter: nft_set_rbtree: rename gc deactivate+erase function {CVE-2024-27397}\n- netfilter: nf_tables: de-constify set commit ops function argument {CVE-2024-27397}\n- netfilter: nft_set_rbtree: .deactivate fails if element has expired {CVE-2024-27397}\n- sched/membarrier: reduce the ability to hammer on sys_membarrier {CVE-2024-26602}\n- drm/vmwgfx: Fix possible null pointer derefence with invalid contexts {CVE-2022-38096}\n- sched/psi: Fix use-after-free in ep_remove_wait_queue() {CVE-2023-52707}\n- wait: add wake_up_pollfree() {CVE-2023-52707}\n- x86/sev: Check for user-space IOIO pointing to kernel space {CVE-2023-46813}\n- x86/sev: Check IOBM for IOIO exceptions from user-space {CVE-2023-46813}\n- x86/sev: Disable MMIO emulation from user mode {CVE-2023-46813}\n- tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). {CVE-2024-37356}\n- blk-cgroup: fix list corruption from reorder of WRITE -\u003elqueued {CVE-2024-38384}\n- netfilter: complete validation of user input {CVE-2024-35962}\n- SUNRPC: Fix UAF in svc_tcp_listen_data_ready() {CVE-2023-52885}\n- PM / devfreq: Synchronize devfreq_monitor_[start/stop] {CVE-2023-52635}\n- netfilter: validate user input for expected length {CVE-2024-35896}\n- virtio: delete vq in vp_find_vqs_msix() when request_irq() fails {CVE-2024-37353}\n- bnxt: prevent skb UAF after handing over to PTP worker {CVE-2022-48637}\n- net: openvswitch: fix overwriting ct original tuple for ICMPv6 {CVE-2024-38558}\n- net: core: reject skb_copy(_expand) for fraglist GSO skbs {CVE-2024-36929}\n- rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation {CVE-2024-36017}\n- ipvlan: Dont Use skb-\u003esk in ipvlan_process_v{4,6}_outbound {CVE-2024-33621}\n- drm/vmwgfx: Fix invalid reads in fence signaled events {CVE-2024-36960}\n- gro: fix ownership transfer {CVE-2024-35890}\n- mlxbf_gige: stop interface during shutdown {CVE-2024-35885}\n- scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() {CVE-2023-52809}\n- wifi: mt76: replace skb_put with skb_put_zero {CVE-2024-42225}\n- drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc {CVE-2024-42228}\n- scsi: mpi3mr: Sanitise num_phys {CVE-2024-42159}\n- bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD {CVE-2024-42161}\n- drm/amdgpu/mes: fix use-after-free issue {CVE-2024-38581}\n- i40e: fix vf may be used uninitialized in this function warning {CVE-2024-36020}\n- vt: fix unicode buffer corruption when deleting characters {CVE-2024-35823}\n- ata: libata-core: Fix double free on error {CVE-2024-41087}\n- netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path {CVE-2024-26925}\n- tcp_metrics: validate source addr length {CVE-2024-42154}","modified":"2026-05-27T11:33:44.593213368Z","published":"2024-09-02T16:08:22Z","upstream":["CVE-2022-38096","CVE-2022-48637","CVE-2023-46813","CVE-2023-52635","CVE-2023-52707","CVE-2023-52809","CVE-2023-52885","CVE-2024-26602","CVE-2024-26669","CVE-2024-26925","CVE-2024-27397","CVE-2024-33621","CVE-2024-35823","CVE-2024-35885","CVE-2024-35890","CVE-2024-35896","CVE-2024-35962","CVE-2024-36017","CVE-2024-36020","CVE-2024-36883","CVE-2024-36929","CVE-2024-36960","CVE-2024-36971","CVE-2024-37353","CVE-2024-37356","CVE-2024-38384","CVE-2024-38552","CVE-2024-38558","CVE-2024-38581","CVE-2024-41087","CVE-2024-41090","CVE-2024-41091","CVE-2024-42154","CVE-2024-42159","CVE-2024-42161","CVE-2024-42225","CVE-2024-42228"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/almalinux9.2-esu/CLSA-2024-1725293298.html"}],"affected":[{"package":{"name":"bpftool","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/bpftool?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.0.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-abi-stablelists","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-abi-stablelists?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-core","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-core?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-cross-headers","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-cross-headers?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-debug","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-debug?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-debug-core","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-debug-core?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-debug-devel","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-debug-devel?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-debug-devel-matched","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-debug-devel-matched?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-debug-modules","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-debug-modules?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-debug-modules-core","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-debug-modules-core?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-debug-modules-extra","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-debug-modules-internal","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-debug-modules-partner","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-debug-modules-partner?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-debug-uki-virt","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-debug-uki-virt?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-devel","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-devel?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-devel-matched","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-devel-matched?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-doc","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-doc?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-headers","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-headers?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-ipaclones-internal","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-modules","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-modules?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-modules-core","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-modules-core?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-modules-extra","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-modules-extra?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-modules-internal","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-modules-internal?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-modules-partner","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-modules-partner?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-selftests-internal","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-selftests-internal?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-tools","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-tools?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-tools-libs","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-tools-libs?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-tools-libs-devel","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"kernel-uki-virt","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/kernel-uki-virt?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"perf","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/perf?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"python3-perf","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/python3-perf?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}},{"package":{"name":"rtla","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/rtla?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-284.30.1.el9_2.tuxcare.els6"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1725293298.json"}}],"schema_version":"1.7.5"}