RLSA-2024:1607

Source
https://errata.rockylinux.org/RLSA-2024:1607
Import Source
https://storage.googleapis.com/resf-osv-data/RLSA-2024:1607.json
JSON Data
https://api.osv.dev/v1/vulns/RLSA-2024:1607
Related
Published
2024-04-05T14:55:53.600745Z
Modified
2024-04-05T14:58:31.126377Z
Summary
Important: kernel security, bug fix, and enhancement update
Details

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: vmwgfx: NULL pointer dereference in vmwcmddxdefinequery (CVE-2022-38096)

  • kernel: Out of boundary write in perfreadgroup() as result of overflow a perfevent's readsize (CVE-2023-6931)

  • kernel: GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546,ZDI-CAN-20527)

  • kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receiveencryptedstandard of client (CVE-2024-0565)

  • kernel: use-after-free in amdgpucswaitallfences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (CVE-2023-51042)

  • kernel: ext4: kernel bug in ext4writeinlinedataend() (CVE-2021-33631)

  • kernel: nftables: use-after-free vulnerability in the nftverdict_init() function (CVE-2024-1086)

Bug Fix(es):

  • OCP 4.12 crashed due to use-after-free in libceph in rhel8 (JIRA:Rocky Linux-21394)

  • kernel: nftables: use-after-free vulnerability in the nftverdict_init() function (JIRA:Rocky Linux-24010)

  • Screen floods with random colour suggesting something not initialised (JIRA:Rocky Linux-21055)

  • kernel: vmxgfx: NULL pointer dereference in vmwcmddxdefinequery (JIRA:Rocky Linux-22766)

  • tx-checksumming required for accessing port in OpenShift for Rocky Linux 8.6 (JIRA:Rocky Linux-20822)

  • kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receiveencryptedstandard of client (JIRA:Rocky Linux-22077)

  • kernel: Out of boundary write in perfreadgroup() as result of overflow a perfevent's readsize (JIRA:Rocky Linux-22930)

  • rbd: don't move requests to the running list on errors [8.x] (JIRA:Rocky Linux-24204)

  • kernel: use-after-free in amdgpucswaitallfences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (JIRA:Rocky Linux-24479)

  • ceph: several cap and snap fixes (JIRA:Rocky Linux-20909)

  • [RHVH] Migration hangs between RHVH release bellow 4.5.1 and RHVH over or equal 4.5.2 release (JIRA:Rocky Linux-23063)

  • unable to access smsc95xx based interface unless you start outgoing traffic. (JIRA:Rocky Linux-25719)

  • [Rocky Linux8] ] BUG bio-696 (Not tainted): Poison overwritten (JIRA:Rocky Linux-26101)

  • kernel: GSM multiplexing race condition leads to privilege escalation (JIRA:Rocky Linux-19954)

  • backport smartpqi: fix disablemanagedinterrupts (JIRA:Rocky Linux-26139)

  • kernel: ext4: kernel bug in ext4writeinlinedataend() (JIRA:Rocky Linux-26331)

  • ceph: always check dir caps asynchronously (JIRA:Rocky Linux-27496)

Enhancement(s):

  • [IBM 8.10 FEAT] Upgrade the qeth driver to latest from upstream, e.g. kernel 6.4 (JIRA:Rocky Linux-25811)
References
Credits
    • Rocky Enterprise Software Foundation
    • Red Hat

Affected packages

Rocky Linux:8 / kernel

Package

Name
kernel
Purl
pkg:rpm/rocky-linux/kernel?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:4.18.0-513.24.1.el8_9