(RHSA-2024:5281) Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel:TCP-spoofed ghost ACKs and leak leak initial sequence number (CVE-2023-52881,RHV-2024-1001)

• kernel: uio: Fix use-after-free in uio_open (CVE-2023-52439)

• kernel: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump (CVE-2023-52448)

• kernel: bnxt: prevent skb UAF after handing over to PTP worker (CVE-2022-48637)

• kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application (CVE-2024-21823)

• kernel: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work (CVE-2024-35852)

• kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)

• kernel: net: qcom/emac: fix UAF in emac_remove (CVE-2021-47311)

• kernel: proc/vmcore: fix clearing user buffer by properly using clear_user() (CVE-2021-47566)

• kernel: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (CVE-2024-36017)

• kernel: net: CVE-2024-36971 kernel: UAF in network route management (CVE-2024-36971)

• kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502)

• kernel: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (CVE-2023-52885)

• kernel: NFSD: Fix the behavior of READ near OFFSET_MAX (CVE-2022-48827)

• kernel: NFSD: Fix ia_size underflow (CVE-2022-48828)

• kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes (CVE-2022-48829)

• kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)

• kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.