{"id":"RXSA-2024:1248","summary":"Important: kernel security update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: inactive elements in nft_pipapo_walk (CVE-2023-6817)\n\n* kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation (CVE-2024-0193)\n\n* kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination (CVE-2024-0646)\n\n* kernel: Use-after-free in nft_verdict_dump due to a race between set GC and transaction (CVE-2023-4244)\n\n* kernel: A heap out-of-bounds write when function perf_read_group is called and sibling_list is smaller than its child's sibling_list (CVE-2023-5717)\n\n* kernel: NULL pointer dereference in nvmet_tcp_build_iovec (CVE-2023-6356)\n\n* kernel: NULL pointer dereference in nvmet_tcp_execute_request (CVE-2023-6535)\n\n* kernel: NULL pointer dereference in __nvmet_req_complete (CVE-2023-6536)\n\n* kernel: Out-Of-Bounds Read vulnerability in smbCalcSize (CVE-2023-6606)\n\n* kernel: OOB Access in smb2_dump_detail (CVE-2023-6610)\n\n* kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (CVE-2023-51042)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-03-11T05:56:23.573240Z","published":"2024-03-27T04:37:19.422545Z","upstream":["CVE-2023-4244","CVE-2023-51042","CVE-2023-5717","CVE-2023-6356","CVE-2023-6535","CVE-2023-6536","CVE-2023-6606","CVE-2023-6610","CVE-2023-6817","CVE-2024-0193","CVE-2024-0646"],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RXSA-2024:1248"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235306"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2246945"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2253611"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2253614"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2253908"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254052"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254053"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254054"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255139"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255653"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2259866"}],"affected":[{"package":{"name":"kernel","ecosystem":"Rocky Linux:9","purl":"pkg:rpm/rocky-linux/kernel?distro=rocky-linux-9-sig-cloud&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.14.0-362.24.1.el9_3.cloud.0.6"}],"database_specific":{"yum_repository":"cloud-common"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RXSA-2024:1248.json"}}],"schema_version":"1.7.5","credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}