(RHSA-2024:4740) Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: Use after free bug in btsdio_remove due to race condition (CVE-2023-1989)

• kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability (CVE-2023-4155)

• kernel: kvm: Avoid potential UAF in LPI translation cache (CVE-2024-26598)

• kernel: wifi: mac80211: fix potential key use-after-free (CVE-2023-52530)

• kernel: drm/amdgpu: use-after-free vulnerability (CVE-2024-26656)

• kernel: KVM: s390: vsie: fix race during shadow creation (CVE-2023-52639)

• kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref (CVE-2024-26735)

• kernel: net: ip_tunnel: prevent perpetual headroom growth (CVE-2024-26804)

• kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset (CVE-2024-26801)

• kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397)

• kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667)

• kernel: wifi: cfg80211: check A-MSDU format more carefully (CVE-2024-35937)

• kernel: net/mlx5: Properly link new fs rules into the tree (CVE-2024-35960)

• kernel: net: ena: Fix incorrect descriptor free behavior (CVE-2024-35958)

• kernel: net: qcom/emac: fix UAF in emac_remove (CVE-2021-47311)

• kernel: net: ti: fix UAF in tlan_remove_one (CVE-2021-47310)

• kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (CVE-2021-47548)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.