CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
AI Score
Confidence
High
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (CVE-2023-52626)
kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset (CVE-2024-26801)
kernel: crypto: qat - resolve race condition during AER recovery (CVE-2024-26974)
kernel: xen-netfront: Add missing skb_mark_for_recycle (CVE-2024-27393)
kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667)
kernel: smb: client: fix UAF in smb2_reconnect_server() (CVE-2024-35870)
kernel: net/mlx5: Properly link new fs rules into the tree (CVE-2024-35960)
kernel: net: hns3: do not allow call hns3_nic_net_open repeatedly (CVE-2021-47400)
Bug Fix(es):
cifs - kernel panic with cifs_put_smb_ses (JIRA:RHEL-28943)
BUG: unable to handle page fault for address: ff16bf752f593ff8 [rhel-9.4.z] (JIRA:RHEL-35672)
[HPE 9.4 Bug] Request merge of AMD address translation library patch series [rhel-9.4.z] (JIRA:RHEL-36220)
[RHEL9] kernel BUG at lib/list_debug.c:51! [rhel-9.4.z] (JIRA:RHEL-36687)
ice: DPLL-related fixes [rhel-9.4.z] (JIRA:RHEL-36716)
CNB95: net/sched: update TC core to upstream v6.8 [rhel-9.4.z] (JIRA:RHEL-37641)
IPv6: SR: backport fixes from upstream [rhel-9.4.z] (JIRA:RHEL-37669)
[RFE] Backport tmpfs noswap mount option [rhel-9.4.z] (JIRA:RHEL-38252)
Isolated cores causing issues on latest RHEL9.4 kernel and not functioning as desired. [rhel-9.4.z] (JIRA:RHEL-38595)
[ice] Add automatic VF reset on Tx MDD events [rhel-9.4.z] (JIRA:RHEL-39083)
[HPEMC RHEL 9.4 REGRESSION] turbostat: turbostat broken on 10+ sockets. [rhel-9.4.z] (JIRA:RHEL-34953)
bnx2x: fix crashes in PCI error handling, resource leaks [rhel-9.4.z] (JIRA:RHEL-43272)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.