{"schema_version": "1.3.1", "id": "RXSA-2024:6567", "modified": "2024-09-17T00:58:04.149670Z", "published": "2024-09-17T00:57:55.623189Z", "related": ["CVE-2023-52463", "CVE-2023-52801", "CVE-2024-26629", "CVE-2024-26630", "CVE-2024-26720", "CVE-2024-26886", "CVE-2024-26946", "CVE-2024-35791", "CVE-2024-35797", "CVE-2024-35875", "CVE-2024-36000", "CVE-2024-36019", "CVE-2024-36883", "CVE-2024-36979", "CVE-2024-38559", "CVE-2024-38619", "CVE-2024-40927", "CVE-2024-40936", "CVE-2024-41040", "CVE-2024-41044", "CVE-2024-41055", "CVE-2024-41073", "CVE-2024-41096", "CVE-2024-42082", "CVE-2024-42096", "CVE-2024-42102", "CVE-2024-42131"], "summary": "Moderate: kernel security update", "details": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)\n\n* kernel: nfsd: fix RELEASE_LOCKOWNER (CVE-2024-26629)\n\n* kernel: mm: cachestat: fix folio read-after-free in cache walk (CVE-2024-26630)\n\n* kernel: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (CVE-2024-26720)\n\n* kernel: Bluetooth: af_bluetooth: Fix deadlock (CVE-2024-26886)\n\n* kernel: kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address (CVE-2024-26946)\n\n* kernel: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (CVE-2024-35791)\n\n* kernel: mm: cachestat: fix two shmem bugs (CVE-2024-35797)\n\n* kernel: x86/coco: Require seeding RNG with RDRAND on CoCo systems (CVE-2024-35875)\n\n* kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000)\n\n* kernel: iommufd: Fix missing update of domains_itree after splitting iopt_area (CVE-2023-52801)\n\n* kernel: net: fix out-of-bounds access in ops_init (CVE-2024-36883)\n\n* kernel: regmap: maple: Fix cache corruption in regcache_maple_drop() (CVE-2024-36019)\n\n* kernel: usb-storage: alauda: Check whether the media is initialized (CVE-2024-38619)\n\n* kernel: net: bridge: mst: fix vlan use-after-free (CVE-2024-36979)\n\n* kernel: scsi: qedf: Ensure the copied buf is NUL terminated (CVE-2024-38559)\n\n* kernel: xhci: Handle TD clearing for multiple streams case (CVE-2024-40927)\n\n* kernel: cxl/region: Fix memregion leaks in devm_cxl_add_region() (CVE-2024-40936)\n\n* kernel: net/sched: Fix UAF when resolving a clash (CVE-2024-41040)\n\n* kernel: ppp: reject claimed-as-LCP but actually malformed packets (CVE-2024-41044)\n\n* kernel: mm: prevent derefencing NULL ptr in pfn_section_valid() (CVE-2024-41055)\n\n* kernel: PCI/MSI: Fix UAF in msi_capability_init (CVE-2024-41096)\n\n* kernel: xdp: Remove WARN() from __xdp_reg_mem_model() (CVE-2024-42082)\n\n* kernel: x86: stop playing stack games in profile_pc() (CVE-2024-42096)\n\n* kernel: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (CVE-2024-42102)\n\n* kernel: mm: avoid overflows in dirty throttling logic (CVE-2024-42131)\n\n* kernel: nvme: avoid double free special payload (CVE-2024-41073)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "affected": [{"package": {"ecosystem": "Rocky Linux:9", "name": "kernel", "purl": "pkg:rpm/rocky-linux/kernel?distro=rocky-linux-9-sig-cloud&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:5.14.0-427.35.1.el9_4.cloud.1.0"}], "database_specific": {"yum_repository": "cloud-common"}}]}], "references": [{"type": "ADVISORY", "url": "https://errata.rockylinux.org/RXSA-2024:6567"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265797"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269434"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269436"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273141"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275678"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278206"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281052"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281151"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281727"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281968"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282709"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284271"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284402"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293273"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293276"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293440"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297511"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297520"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300409"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300414"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300429"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300491"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300520"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300713"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301465"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301496"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301637"}], "credits": [{"name": "Rocky Enterprise Software Foundation"}, {"name": "Red Hat"}]}