CLSA-2024-1722977984

ima: Fix use-after-free on a dentry's dname.name {CVE-2024-39494}
ima: define imamaxdigest_data struct without a flexible array variable
ima: detect changes to the backing overlay file
tcp: Use refcountincnotzero() in tcptwsk_unique(). {CVE-2024-36904}
af_unix: Fix garbage collector racing against connect() {CVE-2024-26923}
net/ipv6: avoid possible UAF in ip6routempath_notify() {CVE-2024-26852}
net/mlx5: Fix a race on command flush flow {CVE-2022-48858}
sctp: fix kernel-infoleak for SCTP sockets {CVE-2022-48855}
bpf: Add MEM_RDONLY for helper args that are pointers to rdonly mem. {CVE-2022-0500}
bpf: Make percpuptr return rdonly PTRTOMEM. {CVE-2022-0500}
bpf: Introduce MEM_RDONLY flag {CVE-2022-0500}
bpf: Replace PTRTOXXXORNULL with PTRTOXXX | PTRMAYBENULL {CVE-2022-0500}
bpf: Replace RETXXXORNULL with RETXXX | PTRMAYBENULL {CVE-2022-0500}
bpf: Replace ARGXXXORNULL with ARGXXX | PTRMAYBENULL {CVE-2022-0500}
bpf: Introduce composable reg, ret and arg types. {CVE-2022-0500}
bpf: Extract nullable reg type conversion into a helper function {CVE-2022-0500}
bpf: Rename bpfregstate variables {CVE-2022-0500}
libbpf: Fix use-after-free in btfdumpname_dups {CVE-2022-3534}
net: fix __dstnegativeadvice() race {CVE-2024-36971}
ext4: fix kernel BUG in 'ext4writeinlinedataend()' {CVE-2021-33631}
tipc: fix UAF in error path {CVE-2024-36886}
smb: client: fix parsing of SMB3.1.1 POSIX create context {CVE-2023-52434}
smb: client: fix potential OOBs in smb2parsecontexts() {CVE-2023-52434}
perf: Disallow mis-matched inherited group reads {CVE-2023-5717}
afunix: Fix null-ptr-deref in unixstream_sendpage(). {CVE-2023-4622}
sched/rt: picknextrtentity(): check listentry {CVE-2023-1077}
i2c: Fix a potential use after free {CVE-2019-25162}

References

https://errata.cloudlinux.com/centos8.5-els/CLSA-2024-1722977984.html

Affected packages

TuxCare:CentOS:8.5

bpftool

Package

Name: bpftool
Purl: pkg:rpm/tuxcare/bpftool?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel

Package

Name: kernel
Purl: pkg:rpm/tuxcare/kernel?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-core

Package

Name: kernel-core
Purl: pkg:rpm/tuxcare/kernel-core?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-cross-headers

Package

Name: kernel-cross-headers
Purl: pkg:rpm/tuxcare/kernel-cross-headers?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-debug

Package

Name: kernel-debug
Purl: pkg:rpm/tuxcare/kernel-debug?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-debug-core

Package

Name: kernel-debug-core
Purl: pkg:rpm/tuxcare/kernel-debug-core?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-debug-devel

Package

Name: kernel-debug-devel
Purl: pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-debug-modules

Package

Name: kernel-debug-modules
Purl: pkg:rpm/tuxcare/kernel-debug-modules?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-debug-modules-extra

Package

Name: kernel-debug-modules-extra
Purl: pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-debug-modules-internal

Package

Name: kernel-debug-modules-internal
Purl: pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-devel

Package

Name: kernel-devel
Purl: pkg:rpm/tuxcare/kernel-devel?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-headers

Package

Name: kernel-headers
Purl: pkg:rpm/tuxcare/kernel-headers?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-ipaclones-internal

Package

Name: kernel-ipaclones-internal
Purl: pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-modules

Package

Name: kernel-modules
Purl: pkg:rpm/tuxcare/kernel-modules?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-modules-extra

Package

Name: kernel-modules-extra
Purl: pkg:rpm/tuxcare/kernel-modules-extra?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-modules-internal

Package

Name: kernel-modules-internal
Purl: pkg:rpm/tuxcare/kernel-modules-internal?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-selftests-internal

Package

Name: kernel-selftests-internal
Purl: pkg:rpm/tuxcare/kernel-selftests-internal?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-tools

Package

Name: kernel-tools
Purl: pkg:rpm/tuxcare/kernel-tools?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-tools-libs

Package

Name: kernel-tools-libs
Purl: pkg:rpm/tuxcare/kernel-tools-libs?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

kernel-tools-libs-devel

Package

Name: kernel-tools-libs-devel
Purl: pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

perf

Package

Name: perf
Purl: pkg:rpm/tuxcare/perf?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"

python3-perf

Package

Name: python3-perf
Purl: pkg:rpm/tuxcare/python3-perf?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.18.0-348.7.1.el8_5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2024-1722977984.json"