RLSA-2024:8162

Security

Mirrored from RHSA-2024:8162

Issued at: 2024-10-25

Updated at: 2024-10-25

Synopsis

Moderate: kernel security update

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: Local information disclosure on Intel(R) Atom(R) processors (CVE-2023-28746)

* kernel: netfilter: nft_flow_offload: reset dst in route object after setting up flow (CVE-2024-27403)

* kernel: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (CVE-2023-52658)

* kernel: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (CVE-2024-35989)

* kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)

* kernel: mptcp: ensure snd_nxt is properly initialized on connect (CVE-2024-36889)

* kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (CVE-2024-36978)

* kernel: net/mlx5: Add a timeout to acquire the command queue semaphore (CVE-2024-38556)

* kernel: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (CVE-2024-39483)

* kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502)

* kernel: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (CVE-2024-40959)

* kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush (CVE-2024-42079)

* kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272)

* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected products

Rocky Linux 9 aarch64

Rocky Linux 9 ppc64le

Rocky Linux 9 s390x

Rocky Linux 9 x86_64

Fixes

2270700

2281127

2281149

2281847

2282355

2284571

2293078

2293443

2295921

2297474

2297543

2300517

CVEs

CVE-2021-47385

CVE-2023-28746

CVE-2023-52658

CVE-2024-27403

CVE-2024-35989

CVE-2024-36889

CVE-2024-36978

CVE-2024-38556

CVE-2024-39483

CVE-2024-39502

CVE-2024-40959

CVE-2024-42079

CVE-2024-42272

CVE-2024-42284

Affected packages

Rocky Linux 9 x86_64 - AppStream

kernel-doc-0:5.14.0-427.40.1.el9_4.noarch.rpm

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

kernel-debug-devel-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-debug-devel-matched-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-devel-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-devel-matched-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-headers-0:5.14.0-427.40.1.el9_4.x86_64.rpm

perf-0:5.14.0-427.40.1.el9_4.x86_64.rpm

perf-debuginfo-0:5.14.0-427.40.1.el9_4.x86_64.rpm

rtla-0:5.14.0-427.40.1.el9_4.x86_64.rpm

rv-0:5.14.0-427.40.1.el9_4.x86_64.rpm

Rocky Linux 9 aarch64 - AppStream

kernel-doc-0:5.14.0-427.40.1.el9_4.noarch.rpm

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

kernel-64k-debug-devel-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-64k-debug-devel-matched-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-64k-devel-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-64k-devel-matched-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-debug-devel-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-debug-devel-matched-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-devel-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-devel-matched-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-headers-0:5.14.0-427.40.1.el9_4.aarch64.rpm

perf-0:5.14.0-427.40.1.el9_4.aarch64.rpm

perf-debuginfo-0:5.14.0-427.40.1.el9_4.aarch64.rpm

rtla-0:5.14.0-427.40.1.el9_4.aarch64.rpm

rv-0:5.14.0-427.40.1.el9_4.aarch64.rpm

Rocky Linux 9 s390x - AppStream

kernel-doc-0:5.14.0-427.40.1.el9_4.noarch.rpm

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

kernel-debug-devel-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-debug-devel-matched-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-devel-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-devel-matched-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-headers-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-zfcpdump-devel-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-zfcpdump-devel-matched-0:5.14.0-427.40.1.el9_4.s390x.rpm

perf-0:5.14.0-427.40.1.el9_4.s390x.rpm

perf-debuginfo-0:5.14.0-427.40.1.el9_4.s390x.rpm

rtla-0:5.14.0-427.40.1.el9_4.s390x.rpm

rv-0:5.14.0-427.40.1.el9_4.s390x.rpm

Rocky Linux 9 ppc64le - AppStream

kernel-doc-0:5.14.0-427.40.1.el9_4.noarch.rpm

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

kernel-debug-devel-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-debug-devel-matched-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-devel-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-devel-matched-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-headers-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

perf-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

perf-debuginfo-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

rtla-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

rv-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

Rocky Linux 9 aarch64 - BaseOS

bpftool-0:7.3.0-427.40.1.el9_4.aarch64.rpm

bpftool-debuginfo-0:7.3.0-427.40.1.el9_4.aarch64.rpm

kernel-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

kernel-64k-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-64k-core-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-64k-debug-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-64k-debug-core-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-64k-debug-debuginfo-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-64k-debuginfo-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-64k-debug-modules-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-64k-debug-modules-core-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-64k-debug-modules-extra-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-64k-modules-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-64k-modules-core-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-64k-modules-extra-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-abi-stablelists-0:5.14.0-427.40.1.el9_4.noarch.rpm

kernel-core-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-debug-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-debug-core-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-debug-debuginfo-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-debuginfo-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-debug-modules-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-debug-modules-core-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-debug-modules-extra-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-modules-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-modules-core-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-modules-extra-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-tools-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-tools-debuginfo-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-tools-libs-0:5.14.0-427.40.1.el9_4.aarch64.rpm

python3-perf-0:5.14.0-427.40.1.el9_4.aarch64.rpm

python3-perf-debuginfo-0:5.14.0-427.40.1.el9_4.aarch64.rpm

Rocky Linux 9 ppc64le - BaseOS

bpftool-0:7.3.0-427.40.1.el9_4.ppc64le.rpm

bpftool-debuginfo-0:7.3.0-427.40.1.el9_4.ppc64le.rpm

kernel-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

kernel-abi-stablelists-0:5.14.0-427.40.1.el9_4.noarch.rpm

kernel-core-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-debug-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-debug-core-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-debug-debuginfo-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-debuginfo-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-debug-modules-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-debug-modules-core-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-debug-modules-extra-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-modules-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-modules-core-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-modules-extra-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-tools-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-tools-debuginfo-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-tools-libs-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

python3-perf-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

python3-perf-debuginfo-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

Rocky Linux 9 s390x - BaseOS

bpftool-0:7.3.0-427.40.1.el9_4.s390x.rpm

bpftool-debuginfo-0:7.3.0-427.40.1.el9_4.s390x.rpm

kernel-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

kernel-abi-stablelists-0:5.14.0-427.40.1.el9_4.noarch.rpm

kernel-core-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-debug-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-debug-core-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-debug-debuginfo-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-debuginfo-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-debug-modules-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-debug-modules-core-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-debug-modules-extra-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-modules-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-modules-core-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-modules-extra-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-tools-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-tools-debuginfo-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-zfcpdump-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-zfcpdump-core-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-zfcpdump-debuginfo-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-zfcpdump-modules-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-zfcpdump-modules-core-0:5.14.0-427.40.1.el9_4.s390x.rpm

kernel-zfcpdump-modules-extra-0:5.14.0-427.40.1.el9_4.s390x.rpm

python3-perf-0:5.14.0-427.40.1.el9_4.s390x.rpm

python3-perf-debuginfo-0:5.14.0-427.40.1.el9_4.s390x.rpm

Rocky Linux 9 x86_64 - BaseOS

bpftool-0:7.3.0-427.40.1.el9_4.x86_64.rpm

bpftool-debuginfo-0:7.3.0-427.40.1.el9_4.x86_64.rpm

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

kernel-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-abi-stablelists-0:5.14.0-427.40.1.el9_4.noarch.rpm

kernel-core-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-debug-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-debug-core-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-debug-debuginfo-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-debuginfo-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-debug-modules-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-debug-modules-core-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-debug-modules-extra-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-debug-uki-virt-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-modules-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-modules-core-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-modules-extra-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-tools-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-tools-debuginfo-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-tools-libs-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-uki-virt-0:5.14.0-427.40.1.el9_4.x86_64.rpm

python3-perf-0:5.14.0-427.40.1.el9_4.x86_64.rpm

python3-perf-debuginfo-0:5.14.0-427.40.1.el9_4.x86_64.rpm

Rocky Linux 9 x86_64 - RT

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

kernel-rt-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-core-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debug-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debug-core-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debug-debuginfo-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debug-devel-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debuginfo-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debug-modules-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debug-modules-core-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debug-modules-extra-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-devel-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-modules-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-modules-core-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-modules-extra-0:5.14.0-427.40.1.el9_4.x86_64.rpm

Rocky Linux 9 x86_64 - NFV

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

kernel-rt-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-core-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debug-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debug-core-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debug-debuginfo-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debug-devel-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debuginfo-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debug-kvm-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debug-modules-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debug-modules-core-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-debug-modules-extra-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-devel-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-kvm-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-modules-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-modules-core-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-rt-modules-extra-0:5.14.0-427.40.1.el9_4.x86_64.rpm

Rocky Linux 9 x86_64 - CRB

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

kernel-cross-headers-0:5.14.0-427.40.1.el9_4.x86_64.rpm

kernel-tools-libs-devel-0:5.14.0-427.40.1.el9_4.x86_64.rpm

libperf-0:5.14.0-427.40.1.el9_4.x86_64.rpm

libperf-debuginfo-0:5.14.0-427.40.1.el9_4.x86_64.rpm

Rocky Linux 9 aarch64 - CRB

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

kernel-cross-headers-0:5.14.0-427.40.1.el9_4.aarch64.rpm

kernel-tools-libs-devel-0:5.14.0-427.40.1.el9_4.aarch64.rpm

libperf-0:5.14.0-427.40.1.el9_4.aarch64.rpm

libperf-debuginfo-0:5.14.0-427.40.1.el9_4.aarch64.rpm

Rocky Linux 9 aarch64 - NFV

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

Rocky Linux 9 s390x - NFV

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

Rocky Linux 9 s390x - CRB

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

kernel-cross-headers-0:5.14.0-427.40.1.el9_4.s390x.rpm

libperf-0:5.14.0-427.40.1.el9_4.s390x.rpm

libperf-debuginfo-0:5.14.0-427.40.1.el9_4.s390x.rpm

Rocky Linux 9 ppc64le - NFV

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

Rocky Linux 9 ppc64le - CRB

kernel-0:5.14.0-427.40.1.el9_4.src.rpm

kernel-cross-headers-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

kernel-tools-libs-devel-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

libperf-0:5.14.0-427.40.1.el9_4.ppc64le.rpm

libperf-debuginfo-0:5.14.0-427.40.1.el9_4.ppc64le.rpm