CLSA-2024-1725872696

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2024-1725872696
Upstream
Published
2024-09-09T09:05:00Z
Modified
2026-05-27T11:35:54.399346231Z
Summary
kernel: Fix of 42 CVEs
Details
  • netfilter: nf_tables: use timestamp to check for set element timeout {CVE-2024-27397}
  • x86/sev: Harden #VC instruction emulation somewhat {CVE-2024-25742}
  • bpf: Avoid uninitialized value in BPFCOREREAD_BITFIELD {CVE-2024-42161}
  • selftests/bpf: Fix BPFCOREREAD_BITFIELD() macro {CVE-2024-42161}
  • pinctrl: core: delete incorrect free in pinctrl_enable() {CVE-2024-36940}
  • pinctrl: core: fix possible memory leak in pinctrl_enable() {CVE-2024-36940}
  • net: fix information leakage in /proc/net/ptype {CVE-2022-48757}
  • wifi: mt76: replace skbput with skbput_zero {CVE-2024-42225}
  • ata: libata-core: Fix double free on error {CVE-2024-41087}
  • drm/amdgpu: add error handle to avoid out-of-bounds {CVE-2024-39471}
  • drm/amd/display: Fix potential index out of bounds in color transformation function {CVE-2024-38552}
  • net: sched: schmultiq: fix possible OOB write in multiqtune() {CVE-2024-36978}
  • drm/vmwgfx: Fix invalid reads in fence signaled events {CVE-2024-36960}
  • net/sched: flower: Fix chain template offload {CVE-2024-26669}
  • ipv6: Remove extra counter pull before gc {CVE-2023-52340}
  • ipv6: remove max_size check inline with ipv4 {CVE-2023-52340}
  • net/dst: use a smaller percpu_counter batch for dst entries accounting {CVE-2023-52340}
  • net: add a route cache full diagnostic message {CVE-2023-52340}
  • Bluetooth: afbluetooth: Fix Use-After-Free in btsock_recvmsg {CVE-2023-51779}
  • tcp_metrics: validate source addr length {CVE-2024-42154}
  • net: fix out-of-bounds access in ops_init {CVE-2024-36883}
  • tap: add missing verification for short frame {CVE-2024-41090}
  • tun: add missing verification for short frame {CVE-2024-41091}
  • iommu: Fix potential use-after-free during probe {CVE-2022-48796}
  • nvme: fix a possible use-after-free in controller reset during load {CVE-2022-48790}
  • nvme-tcp: fix possible use-after-free in transport error_recovery work {CVE-2022-48789}
  • nvme-rdma: fix possible use-after-free in transport error_recovery work {CVE-2022-48788}
  • ext4: avoid allocating blocks from corrupted group in ext4mbtrybestfound() {CVE-2024-26773}
  • ext4: avoid allocating blocks from corrupted group in ext4mbfindbygoal() {CVE-2024-26772}
  • ext4: fix double-free of blocks due to wrong extents moved_len {CVE-2024-26704}
  • hvnetvsc: Fix race condition between netvscprobe and netvsc_remove {CVE-2024-26698}
  • ubi: Check for too small LEB size in VTBL code {CVE-2024-25739}
  • scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool {CVE-2023-52811}
  • arp: Prevent overflow in arpreqget(). {CVE-2024-26733}
  • SUNRPC: Fix a suspicious RCU usage warning {CVE-2023-52623}
  • ext4: avoid online resizing failures due to oversized flex bg {CVE-2023-52622}
  • pstore/ram: Fix crash when setting number of cpus to an odd number {CVE-2023-52619}
  • wifi: mac80211: fix potential key use-after-free {CVE-2023-52530}
  • drm: Don't unref the same fb many times by mistake due to deadlock handling {CVE-2023-52486}
  • net: amd-xgbe: Fix skb data length underflow {CVE-2022-48743}
  • tracing: Restructure traceclockglobal() to never block {CVE-2021-46939}
  • tcp: make sure init the accept_queue's spinlocks once {CVE-2024-26614}
  • drm/amdgpu: Using uninitialized value *size when calling amdgpuvcecs_reloc {CVE-2024-42228}
  • gfs2: Fix potential glock use-after-free on unmount {CVE-2024-38570}
  • gfs2: Rename sd_{ glock => kill }_wait {CVE-2024-38570}
  • gfs2: Use containerof() for gfs2glock(aspace) {CVE-2024-38570}
  • gfs2: Wake up when sdglockdisposal becomes zero {CVE-2024-38570}
  • gfs2: Remove ill-placed consistency check {CVE-2024-38570}
  • gfs2: introduce new gfs2glockassert_withdraw {CVE-2024-38570}
  • gfs2: simplify gdlmputlock with out_free label {CVE-2024-38570}
  • gfs2: Expect -EBUSY after canceling dlm locking requests {CVE-2024-38570}
  • gfs2: Don't call dlm after protocol is unmounted {CVE-2024-38570}
  • gfs2: Don't skip dlm unlock if glock has an lvb {CVE-2024-38570}
  • netfilter: nftables: release mutex after nftgcseqend from abort path {CVE-2024-26925}
  • netfilter: nft_limit: reject configurations that cause integer overflow {CVE-2024-26668}
  • sched/psi: Fix use-after-free in epremovewait_queue() {CVE-2023-52707}
  • wait: add wakeuppollfree() {CVE-2023-52707}
References

Affected packages

TuxCare:CentOS:8.4
bpftool

Package

Name
bpftool
Purl
pkg:rpm/tuxcare/bpftool?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel

Package

Name
kernel
Purl
pkg:rpm/tuxcare/kernel?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-core

Package

Name
kernel-core
Purl
pkg:rpm/tuxcare/kernel-core?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-cross-headers

Package

Name
kernel-cross-headers
Purl
pkg:rpm/tuxcare/kernel-cross-headers?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-debug

Package

Name
kernel-debug
Purl
pkg:rpm/tuxcare/kernel-debug?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-debug-core

Package

Name
kernel-debug-core
Purl
pkg:rpm/tuxcare/kernel-debug-core?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-debug-devel

Package

Name
kernel-debug-devel
Purl
pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-debug-modules

Package

Name
kernel-debug-modules
Purl
pkg:rpm/tuxcare/kernel-debug-modules?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-debug-modules-extra

Package

Name
kernel-debug-modules-extra
Purl
pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-debug-modules-internal

Package

Name
kernel-debug-modules-internal
Purl
pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-devel

Package

Name
kernel-devel
Purl
pkg:rpm/tuxcare/kernel-devel?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-headers

Package

Name
kernel-headers
Purl
pkg:rpm/tuxcare/kernel-headers?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-ipaclones-internal

Package

Name
kernel-ipaclones-internal
Purl
pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-modules

Package

Name
kernel-modules
Purl
pkg:rpm/tuxcare/kernel-modules?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-modules-extra

Package

Name
kernel-modules-extra
Purl
pkg:rpm/tuxcare/kernel-modules-extra?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-modules-internal

Package

Name
kernel-modules-internal
Purl
pkg:rpm/tuxcare/kernel-modules-internal?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-selftests-internal

Package

Name
kernel-selftests-internal
Purl
pkg:rpm/tuxcare/kernel-selftests-internal?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-tools

Package

Name
kernel-tools
Purl
pkg:rpm/tuxcare/kernel-tools?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-tools-libs

Package

Name
kernel-tools-libs
Purl
pkg:rpm/tuxcare/kernel-tools-libs?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
kernel-tools-libs-devel

Package

Name
kernel-tools-libs-devel
Purl
pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
perf

Package

Name
perf
Purl
pkg:rpm/tuxcare/perf?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"
python3-perf

Package

Name
python3-perf
Purl
pkg:rpm/tuxcare/python3-perf?distro=centos-8.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-305.25.1.el8_4.tuxcare.els19

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2024-1725872696.json"