{"schema_version": "1.3.1", "id": "RXSA-2024:4349", "modified": "2024-07-15T12:20:37.054346Z", "published": "2024-07-15T12:20:29.479474Z", "related": ["CVE-2021-47400", "CVE-2023-52626", "CVE-2023-52667", "CVE-2024-26801", "CVE-2024-26974", "CVE-2024-27393", "CVE-2024-35870", "CVE-2024-35960"], "summary": "Moderate: kernel security and bug fix update", "details": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (CVE-2023-52626)\n\n* kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset (CVE-2024-26801)\n\n* kernel: crypto: qat - resolve race condition during AER recovery (CVE-2024-26974)\n\n* kernel: xen-netfront: Add missing skb_mark_for_recycle (CVE-2024-27393)\n\n* kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667)\n\n* kernel: smb: client: fix UAF in smb2_reconnect_server() (CVE-2024-35870)\n\n* kernel: net/mlx5: Properly link new fs rules into the tree (CVE-2024-35960)\n\n* kernel: net: hns3: do not allow call hns3_nic_net_open repeatedly (CVE-2021-47400)\n\nBug Fix(es):\n\n* cifs - kernel panic with cifs_put_smb_ses (JIRA:Rocky Linux SIG Cloud-28943)\n\n* BUG: unable to handle page fault for address: ff16bf752f593ff8 [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-35672)\n\n* [HPE 9.4 Bug] Request merge of AMD address translation library patch series [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-36220)\n\n* [Rocky Linux SIG Cloud9] kernel BUG at lib/list_debug.c:51! [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-36687)\n\n* ice: DPLL-related fixes [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-36716)\n\n* CNB95: net/sched: update TC core to upstream v6.8 [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-37641)\n\n* IPv6: SR: backport fixes from upstream [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-37669)\n\n* [RFE] Backport tmpfs noswap mount option [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-38252)\n\n* Isolated cores causing issues on latest Rocky Linux SIG Cloud9.4 kernel and not functioning as desired. [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-38595)\n\n* [ice] Add automatic VF reset on Tx MDD events [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-39083)\n\n* [HPEMC Rocky Linux SIG Cloud 9.4 REGRESSION] turbostat: turbostat broken on 10+ sockets. [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-34953)\n\n* bnx2x: fix crashes in PCI error handling, resource leaks [rhel-9.4.z] (JIRA:Rocky Linux SIG Cloud-43272)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.", "affected": [{"package": {"ecosystem": "Rocky Linux:9", "name": "kernel", "purl": "pkg:rpm/rocky-linux/kernel?distro=rocky-linux-9-sig-cloud&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:5.14.0-427.24.1.el9_4.cloud.3.0"}], "database_specific": {"yum_repository": "cloud-common"}}]}], "references": [{"type": "ADVISORY", "url": "https://errata.rockylinux.org/RXSA-2024:4349"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271680"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273429"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278354"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280745"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281350"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281740"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281920"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282336"}], "credits": [{"name": "Rocky Enterprise Software Foundation"}, {"name": "Red Hat"}]}