(RHSA-2024:4902) Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: arp: Prevent overflow in arp_req_get(). (CVE-2024-26733)

• kernel: x86/xen: Add some null pointer checking to smp.c (CVE-2024-26908)

• kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852)

• kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667)

• kernel: net/mlx5: Properly link new fs rules into the tree (CVE-2024-35960)

• kernel: bonding: stop the device in bond_setup_by_slave() (CVE-2023-52784)

• kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (CVE-2021-47548)

• kernel: i40e: fix vf may be used uninitialized in this function warning (CVE-2024-36020)

• kernel: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (CVE-2024-36025)

• kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs (CVE-2024-36929)

• kernel: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (CVE-2024-36924)

• kernel: net: amd-xgbe: Fix skb data length underflow (CVE-2022-48743)

• kernel: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (CVE-2024-38596)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.