CLSA-2024-1727815919

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2024-1727815919
Upstream
  • CVE-2021-47287
  • CVE-2023-52605
Published
2024-10-01T20:57:54Z
Modified
2026-05-27T11:33:53.496656445Z
Summary
kernel: Fix of 75 CVEs
Details
  • firmware: cs_dsp: Return error if block header overflows file {CVE-2024-42238}
  • scsi: qedf: Make qedfexecutetmf() non-preemptible {CVE-2024-42124}
  • ftruncate: pass a signed offset {CVE-2024-42084}
  • firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files {CVE-2024-41056}
  • firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers {CVE-2024-41038}
  • USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor {CVE-2024-41035}
  • xfs: add bounds checking to xlogrecoverprocess_data {CVE-2024-41014}
  • netpoll: Fix race condition in netpollowneractive {CVE-2024-41005}
  • drm/radeon: fix UBSAN warning in kv_dpm.c {CVE-2024-40988}
  • ring-buffer: Fix a race between readers and resize checks {CVE-2024-38601}
  • scsi: mpi3mr: Avoid memcpy field-spanning write WARNING {CVE-2024-36920}
  • dmaengine: idxd: Fix oops during rmmod on single-CPU platforms {CVE-2024-35989}
  • udp: do not accept non-tunnel GSO skbs landing in a tunnel {CVE-2024-35884}
  • nvme-fc: do not wait in vain when unloading module {CVE-2024-26846}
  • drm/amdgpu: Fix the null pointer when load rlc firmware {CVE-2024-26649}
  • Input: cyapa - add missing input core locking to suspend/resume functions {CVE-2023-52884}
  • Input: synaptics-rmi4 - fix use after free in rmiunregisterfunction() {CVE-2023-52840}
  • wifi: ath11k: fix htt pktlog locking {CVE-2023-52800}
  • wifi: ath11k: fix dfs radar event locking {CVE-2023-52798}
  • ACPI: LPIT: Avoid u32 multiplication overflow {CVE-2023-52683}
  • ACPI: extlog: fix NULL pointer dereference check {CVE-2023-52605}
  • HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect {CVE-2023-52478}
  • USB: core: Fix hang in usbkillurb by adding memory barriers {CVE-2022-48760}
  • phylib: fix potential use-after-free {CVE-2022-48754}
  • serial: core: fix transmit-buffer reset and memleak {CVE-2021-47527}
  • nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells {CVE-2021-47497}
  • mlxsw: thermal: Fix out-of-bounds memory accesses {CVE-2021-47441}
  • hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs {CVE-2021-47393}
  • hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field {CVE-2021-47386}
  • hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field {CVE-2021-47385}
  • hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field {CVE-2021-47384}
  • virtio-net: Add validation for used length {CVE-2021-47352}
  • fbmem: Do not delete the mode that is still in use {CVE-2021-47338}
  • watchdog: Fix possible use-after-free by calling deltimersync() {CVE-2021-47321}
  • ACPI: fix NULL pointer dereference {CVE-2021-47289}
  • driver core: auxiliary bus: Fix memory leak when driver_register() fail {CVE-2021-47287}
  • Input: elantech - fix stack out of bound access in elantechchangereport_id() {CVE-2021-47097}
  • HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts {CVE-2022-48866}
  • ipv6: prevent possible NULL dereference in rt6_probe() {CVE-2024-40960}
  • xfrm6: check ip6dstidev() return value in xfrm6getsaddr() {CVE-2024-40959}
  • wifi: iwlwifi: mvm: don't read past the mfuart notifcation {CVE-2024-40941}
  • wifi: iwlwifi: mvm: check n_ssids before accessing the ssids {CVE-2024-40929}
  • wifi: mac80211: Fix deadlock in ieee80211stapsdeliverwakeup() {CVE-2024-40912}
  • wifi: cfg80211: Lock wiphy in cfg80211getstation {CVE-2024-40911}
  • USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages {CVE-2024-40904}
  • scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory {CVE-2024-40901}
  • liquidio: Adjust a NULL pointer handling path in liovfrepcopypacket {CVE-2024-39506}
  • vmci: prevent speculation leaks by sanitizing event in event_deliver() {CVE-2024-39499}
  • crypto: bcm - Fix pointer arithmetic {CVE-2024-38579}
  • scsi: qedf: Ensure the copied buf is NUL terminated {CVE-2024-38559}
  • net: openvswitch: fix overwriting ct original tuple for ICMPv6 {CVE-2024-38558}
  • tcp: Fix shift-out-of-bounds in dctcpupdatealpha(). {CVE-2024-37356}
  • scsi: lpfc: Move NPIV's transport unregistration to after resource clean up {CVE-2024-36952}
  • scsi: lpfc: Release hbalock before calling lpfcworkerwake_up() {CVE-2024-36924}
  • wifi: iwlwifi: read txq->read_ptr under lock {CVE-2024-36922}
  • scsi: bnx2fc: Remove spinlockbh while releasing resources after upload {CVE-2024-36919}
  • netfilter: complete validation of user input {CVE-2024-35962}
  • VMCI: Fix memcpy() run-time warning in dgdispatchas_host() {CVE-2024-35944}
  • ACPI: processoridle: Fix memory leak in acpiprocessorpowerexit() {CVE-2024-26894}
  • dm: call the resume method on internal suspend {CVE-2024-26880}
  • net: ice: Fix potential NULL pointer dereference in icebridgesetlink() {CVE-2024-26855}
  • mm/writeback: fix possible divide-by-zero in wbdirtylimits(), again {CVE-2024-26720}
  • tracing: Ensure visibility when inserting an element into tracing_map {CVE-2024-26645}
  • scsi: libfc: Fix potential NULL pointer dereference in fclportptp_setup() {CVE-2023-52809}
  • perf/x86/lbr: Filter vsyscall addresses {CVE-2023-52476}
  • drm/radeon: check the allocworkqueue return value in radeoncrtc_init() {CVE-2023-52470}
  • Input: add bounds checking to inputsetcapability() {CVE-2022-48619}
  • tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383}
  • tcp: make sure init the accept_queue's spinlocks once {CVE-2024-26614}
  • bnx2x: Fix multiple UBSAN array-index-out-of-bounds {CVE-2024-42148}
  • net: do not leave a dangling sk pointer, when socket creation fails {CVE-2024-40954}
  • media: xc2028: avoid use-after-free in loadfirmwarecb() {CVE-2024-43900}
  • fou: remove warn in guegroreceive on unsupported protocol {CVE-2024-44940}
  • net/sched: Fix UAF when resolving a clash {CVE-2024-41040}
  • PCI/MSI: Fix UAF in msicapabilityinit {CVE-2024-41096}
References

Affected packages

TuxCare:CentOS-Stream:8
bpftool

Package

Name
bpftool
Purl
pkg:rpm/tuxcare/bpftool?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel

Package

Name
kernel
Purl
pkg:rpm/tuxcare/kernel?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-core

Package

Name
kernel-core
Purl
pkg:rpm/tuxcare/kernel-core?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-cross-headers

Package

Name
kernel-cross-headers
Purl
pkg:rpm/tuxcare/kernel-cross-headers?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-debug

Package

Name
kernel-debug
Purl
pkg:rpm/tuxcare/kernel-debug?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-debug-core

Package

Name
kernel-debug-core
Purl
pkg:rpm/tuxcare/kernel-debug-core?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-debug-devel

Package

Name
kernel-debug-devel
Purl
pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-debug-modules

Package

Name
kernel-debug-modules
Purl
pkg:rpm/tuxcare/kernel-debug-modules?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-debug-modules-extra

Package

Name
kernel-debug-modules-extra
Purl
pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-debug-modules-internal

Package

Name
kernel-debug-modules-internal
Purl
pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-devel

Package

Name
kernel-devel
Purl
pkg:rpm/tuxcare/kernel-devel?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-headers

Package

Name
kernel-headers
Purl
pkg:rpm/tuxcare/kernel-headers?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-ipaclones-internal

Package

Name
kernel-ipaclones-internal
Purl
pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-modules

Package

Name
kernel-modules
Purl
pkg:rpm/tuxcare/kernel-modules?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-modules-extra

Package

Name
kernel-modules-extra
Purl
pkg:rpm/tuxcare/kernel-modules-extra?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-modules-internal

Package

Name
kernel-modules-internal
Purl
pkg:rpm/tuxcare/kernel-modules-internal?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-selftests-internal

Package

Name
kernel-selftests-internal
Purl
pkg:rpm/tuxcare/kernel-selftests-internal?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-tools

Package

Name
kernel-tools
Purl
pkg:rpm/tuxcare/kernel-tools?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-tools-libs

Package

Name
kernel-tools-libs
Purl
pkg:rpm/tuxcare/kernel-tools-libs?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
kernel-tools-libs-devel

Package

Name
kernel-tools-libs-devel
Purl
pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
perf

Package

Name
perf
Purl
pkg:rpm/tuxcare/perf?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"
python3-perf

Package

Name
python3-perf
Purl
pkg:rpm/tuxcare/python3-perf?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2024-1727815919.json"