{"schema_version": "1.3.1", "id": "RLSA-2024:4211", "modified": "2024-07-15T12:19:56.959961Z", "published": "2024-07-15T12:17:38.762432Z", "related": ["CVE-2020-26555", "CVE-2021-46909", "CVE-2021-46972", "CVE-2021-47069", "CVE-2021-47073", "CVE-2021-47236", "CVE-2021-47310", "CVE-2021-47311", "CVE-2021-47353", "CVE-2021-47356", "CVE-2021-47456", "CVE-2021-47495", "CVE-2023-5090", "CVE-2023-52464", "CVE-2023-52560", "CVE-2023-52615", "CVE-2023-52626", "CVE-2023-52667", "CVE-2023-52669", "CVE-2023-52675", "CVE-2023-52686", "CVE-2023-52700", "CVE-2023-52703", "CVE-2023-52781", "CVE-2023-52813", "CVE-2023-52835", "CVE-2023-52877", "CVE-2023-52878", "CVE-2023-52881", "CVE-2024-26583", "CVE-2024-26584", "CVE-2024-26585", "CVE-2024-26656", "CVE-2024-26675", "CVE-2024-26735", "CVE-2024-26759", "CVE-2024-26801", "CVE-2024-26804", "CVE-2024-26826", "CVE-2024-26859", "CVE-2024-26906", "CVE-2024-26907", "CVE-2024-26974", "CVE-2024-26982", "CVE-2024-27397", "CVE-2024-27410", "CVE-2024-35789", "CVE-2024-35835", "CVE-2024-35838", "CVE-2024-35845", "CVE-2024-35852", "CVE-2024-35853", "CVE-2024-35854", "CVE-2024-35855", "CVE-2024-35888", "CVE-2024-35890", "CVE-2024-35958", "CVE-2024-35959", "CVE-2024-35960", "CVE-2024-36004", "CVE-2024-36007"], "summary": "Important: kernel security and bug fix update", "details": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack (CVE-2020-26555)\n\n* kernel: TCP-spoofed ghost ACKs and leak initial sequence number (CVE-2023-52881,RHV-2024-1001)\n\n* kernel: ovl: fix leaked entry (CVE-2021-46972)\n\n* kernel: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (CVE-2021-47073)\n\n* kernel: gro: fix ownership transfer (CVE-2024-35890)\n\n* kernel: tls: (CVE-2024-26584, CVE-2024-26583, CVE-2024-26585)\n\n* kernel: wifi: (CVE-2024-35789, CVE-2024-27410, CVE-2024-35838, CVE-2024-35845)\n\n* 
kernel: mlxsw: (CVE-2024-35855, CVE-2024-35854, CVE-2024-35853, CVE-2024-35852, CVE-2024-36007)\n\n* kernel: PCI interrupt mapping cause oops [rhel-8] (CVE-2021-46909)\n\n* kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry (CVE-2021-47069)\n\n* kernel: hwrng: core - Fix page fault dead lock on mmap-ed hwrng [rhel-8] (CVE-2023-52615)\n\n* kernel: net/mlx5e: (CVE-2023-52626, CVE-2024-35835, CVE-2023-52667, CVE-2024-35959)\n\n* kernel: drm/amdgpu: use-after-free vulnerability (CVE-2024-26656)\n\n* kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset [rhel-8] (CVE-2024-26801)\n\n* kernel: Squashfs: check the inode number is not the invalid value of zero (CVE-2024-26982)\n\n* kernel: netfilter: nf_tables: use timestamp to check for set element timeout [rhel-8.10] (CVE-2024-27397)\n\n* kernel: mm/damon/vaddr-test: memory leak in damon_do_test_apply_three_regions() (CVE-2023-52560)\n\n* kernel: ppp_async: limit MRU to 64K (CVE-2024-26675)\n\n* kernel: x86/mm/swap: (CVE-2024-26759, CVE-2024-26906)\n\n* kernel: tipc: fix kernel warning when sending SYN message [rhel-8] (CVE-2023-52700)\n\n* kernel: RDMA/mlx5: Fix fortify source warning while accessing Eth segment (CVE-2024-26907)\n\n* kernel: erspan: make sure erspan_base_hdr is present in skb->head (CVE-2024-35888)\n\n* kernel: powerpc/imc-pmu/powernv: (CVE-2023-52675, CVE-2023-52686)\n\n* kernel: KVM: SVM: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs (CVE-2023-5090)\n\n* kernel: EDAC/thunderx: Incorrect buffer size in drivers/edac/thunderx_edac.c (CVE-2023-52464)\n\n* kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref (CVE-2024-26735)\n\n* kernel: mptcp: fix data re-injection from stale subflow (CVE-2024-26826)\n\n* kernel: crypto: (CVE-2024-26974, CVE-2023-52669, CVE-2023-52813)\n\n* kernel: net/mlx5/bnx2x/usb: (CVE-2024-35960, CVE-2024-35958, CVE-2021-47310, CVE-2024-26804, CVE-2021-47311, CVE-2024-26859, 
CVE-2021-47236, CVE-2023-52703)\n\n* kernel: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (CVE-2024-36004)\n\n* kernel: perf/core: Bail out early if the request AUX area is out of bound (CVE-2023-52835)\n\n* kernel: USB/usbnet: (CVE-2023-52781, CVE-2023-52877, CVE-2021-47495)\n\n* kernel: can: (CVE-2023-52878, CVE-2021-47456)\n\n* kernel: mISDN: fix possible use-after-free in HFC_cleanup() (CVE-2021-47356)\n\n* kernel: udf: Fix NULL pointer dereference in udf_symlink function (CVE-2021-47353)\n\nBug Fix(es):\n\n* Kernel panic - kernel BUG at mm/slub.c:376! (JIRA:Rocky Linux-29783)\n\n* Temporary values in FIPS integrity test should be zeroized [rhel-8.10.z] (JIRA:Rocky Linux-35361)\n\n* Rocky Linux8.6 - kernel: s390/cpum_cf: make crypto counters upward compatible (JIRA:Rocky Linux-36048)\n\n* [Rocky Linux8] blktests block/024 failed (JIRA:Rocky Linux-8130)\n\n* Rocky Linux8.9: EEH injections results Error: Power fault on Port 0 and other call traces(Everest/1050/Shiner) (JIRA:Rocky Linux-14195)\n\n* Latency spikes with Matrox G200 graphic cards (JIRA:Rocky Linux-36172)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "severity": [{"type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}], "affected": [{"package": {"ecosystem": "Rocky Linux:8", "name": "kernel", "purl": "pkg:rpm/rocky-linux/kernel?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:4.18.0-553.8.1.el8_10"}], "database_specific": {"yum_repository": "BaseOS"}}]}], "references": [{"type": "ADVISORY", "url": "https://errata.rockylinux.org/RLSA-2024:4211"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918601"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248122"}, {"type": "REPORT", "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=2258875"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265517"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265519"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265520"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265800"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266408"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266831"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267513"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267518"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267730"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270093"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271680"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272692"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272829"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273204"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273278"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273423"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273429"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275604"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275633"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275635"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275733"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278337"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278354"}, {"type": "REPORT", "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=2280434"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281057"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281113"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281157"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281165"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281251"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281253"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281255"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281257"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281272"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281311"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281334"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281346"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281350"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281689"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281693"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281920"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281923"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281925"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281953"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281986"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282394"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282400"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282471"}, {"type": "REPORT", "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=2282472"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282581"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282609"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282612"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282653"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282680"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282698"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282712"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282735"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282902"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282920"}], "credits": [{"name": "Rocky Enterprise Software Foundation"}, {"name": "Red Hat"}]}