The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: uio: Fix use-after-free in uio_open (CVE-2023-52439)
- kernel: net/sched: act_mirred: don't override retval if we already lost the skb (CVE-2024-26739)
- kernel: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses (CVE-2024-26947)
- kernel: scsi: qla2xxx: Fix command flush on cable pull (CVE-2024-26931)
- kernel: scsi: qla2xxx: Fix double free of the ha->vp_map pointer (CVE-2024-26930)
- kernel: scsi: qla2xxx: Fix double free of fcport (CVE-2024-26929)
- kernel: fork: defer linking file vma until vma is fully initialized (CVE-2024-27022)
- kernel: KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes (CVE-2024-26991)
- kernel: bpf, sockmap: Prevent lock inversion deadlock in map delete elem (CVE-2024-35895)
- kernel: tty: ngsm: fix possible out-of-bounds in gsm0receive() (CVE-2024-36016)
- kernel: gpiolib: cdev: Fix use after free in lineinfochangednotify (CVE-2024-36899)
- kernel: cpufreq: exit() callback is optional (CVE-2024-38615)
- kernel: ring-buffer: Fix a race between readers and resize checks (CVE-2024-38601)
- kernel: cppc_cpufreq: Fix possible null pointer dereference (CVE-2024-38573)
- kernel: gfs2: Fix potential glock use-after-free on unmount (CVE-2024-38570)
- kernel: wifi: nl80211: Avoid address calculations via out of bounds array indexing (CVE-2024-38562)
- kernel: Input: cyapa - add missing input core locking to suspend/resume functions (CVE-2023-52884)
- kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CVE-2024-40984)
- kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)
- kernel: wifi: mt76: replace skbput with skbput_zero (CVE-2024-42225)
- kernel: net, sunrpc: Remap EPERM in case of connection failure in xstcpsetup_socket (CVE-2024-42246)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.