CLSA-2024-1719932549

net: iptunnel: make sure to pull inner header in iptunnel_rcv() {CVE-2024-26882}
net: Set true network header for ECN decapsulation {CVE-2024-26882}
media: dvb-core: Fix use-after-free due to race at dvbregisterdevice() {CVE-2022-45884}
media: dvbdev: fix error logic at dvbregisterdevice() {CVE-2022-45884}
media: dvbdev: Fix memleak in dvbregisterdevice {CVE-2022-45884}
media: media/dvb: Use kmemdup rather than duplicating its implementation {CVE-2022-45884}
media: dvbdev: drop refcount on error path in dvbdeviceopen() {CVE-2022-45884}
media: dvbdev: fix refcnt bug {CVE-2022-45884}
media: dvbdev: adopts refcnt to avoid UAF {CVE-2022-45884}
netfilter: nf_tables: Fix potential data-race in _nftexprtypeget() {CVE-2024-27020}
netfilter: nf_tables: _nftexprtypeget() selects specific family type {CVE-2024-27020}
scsi: qla2xxx: Fix double free of fcport {CVE-2024-26929}
of: fdt: fix off-by-one error in unflattendtnodes() {CVE-2022-48672}
USB: core: Fix deadlock in usbdeauthorizeinterface() {CVE-2024-26934}
smb: client: fix use-after-free bug in cifsdebugdataprocshow() {CVE-2023-52752}
netfilter: nf_tables: disallow anonymous set with timeout flag {CVE-2024-26642}
media: technisat-usb2: break out of loop at end of buffer {CVE-2019-15505}
Input: gtco - bounds check collection indent level {CVE-2019-13631}
ext4: fix kernel infoleak via ext4extentheader {CVE-2022-0850}
media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors {CVE-2020-0404}
netfilter: nftsetpipapo: skip inactive elements during set walk {CVE-2023-6817}
libceph: harden msgr2.1 frame segment length checks {CVE-2023-44466}
media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() {CVE-2023-31084}
dm ioctl: fix nested locking in table_clear() to remove deadlock concern {CVE-2023-2269}
hwmon: (xgene) Fix use after free bug in xgenehwmonremove due to race condition {CVE-2023-1855}
HID: betop: check shape of output reports {CVE-2023-1073}
RDMA/core: Don't infoleak GRH fields {CVE-2021-3923}
HID: betop: fix slab-out-of-bounds Write in betop_probe {CVE-2023-1073}
HID: check empty reportlist in hidvalidate_values() {CVE-2023-1073}
media: ttusb-dec: fix memory leak in ttusbdecexit_dvb() {CVE-2022-45887}

References

https://errata.cloudlinux.com/centos8.4-els/CLSA-2024-1719932549.html

Affected packages

TuxCare:CentOS:8.4

bpftool

Package

Name: bpftool
Purl: pkg:rpm/tuxcare/bpftool?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel

Package

Name: kernel
Purl: pkg:rpm/tuxcare/kernel?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-core

Package

Name: kernel-core
Purl: pkg:rpm/tuxcare/kernel-core?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-cross-headers

Package

Name: kernel-cross-headers
Purl: pkg:rpm/tuxcare/kernel-cross-headers?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-debug

Package

Name: kernel-debug
Purl: pkg:rpm/tuxcare/kernel-debug?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-debug-core

Package

Name: kernel-debug-core
Purl: pkg:rpm/tuxcare/kernel-debug-core?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-debug-devel

Package

Name: kernel-debug-devel
Purl: pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-debug-modules

Package

Name: kernel-debug-modules
Purl: pkg:rpm/tuxcare/kernel-debug-modules?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-debug-modules-extra

Package

Name: kernel-debug-modules-extra
Purl: pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-debug-modules-internal

Package

Name: kernel-debug-modules-internal
Purl: pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-devel

Package

Name: kernel-devel
Purl: pkg:rpm/tuxcare/kernel-devel?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-headers

Package

Name: kernel-headers
Purl: pkg:rpm/tuxcare/kernel-headers?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-ipaclones-internal

Package

Name: kernel-ipaclones-internal
Purl: pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-modules

Package

Name: kernel-modules
Purl: pkg:rpm/tuxcare/kernel-modules?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-modules-extra

Package

Name: kernel-modules-extra
Purl: pkg:rpm/tuxcare/kernel-modules-extra?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-modules-internal

Package

Name: kernel-modules-internal
Purl: pkg:rpm/tuxcare/kernel-modules-internal?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-selftests-internal

Package

Name: kernel-selftests-internal
Purl: pkg:rpm/tuxcare/kernel-selftests-internal?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-tools

Package

Name: kernel-tools
Purl: pkg:rpm/tuxcare/kernel-tools?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-tools-libs

Package

Name: kernel-tools-libs
Purl: pkg:rpm/tuxcare/kernel-tools-libs?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

kernel-tools-libs-devel

Package

Name: kernel-tools-libs-devel
Purl: pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

perf

Package

Name: perf
Purl: pkg:rpm/tuxcare/perf?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"

python3-perf

Package

Name: python3-perf
Purl: pkg:rpm/tuxcare/python3-perf?distro=centos-8.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-305.25.1.el8_4.tuxcare.els17

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1719932549.json"