Issued at: 2024-10-25
Updated at: 2024-10-25
Synopsis
Moderate: kernel security update
Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: Local information disclosure on Intel(R) Atom(R) processors (CVE-2023-28746)
* kernel: netfilter: nft_flow_offload: reset dst in route object after setting up flow (CVE-2024-27403)
* kernel: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (CVE-2023-52658)
* kernel: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (CVE-2024-35989)
* kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)
* kernel: mptcp: ensure snd_nxt is properly initialized on connect (CVE-2024-36889)
* kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (CVE-2024-36978)
* kernel: net/mlx5: Add a timeout to acquire the command queue semaphore (CVE-2024-38556)
* kernel: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (CVE-2024-39483)
* kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502)
* kernel: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (CVE-2024-40959)
* kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush (CVE-2024-42079)
* kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272)
* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.