(RHSA-2024:5692) Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: smb: client: fix potential OOBs in smb2_parse_contexts() (CVE-2023-52434)

• kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry (CVE-2021-47069)

• kernel: net/sched: act_ct: fix skb leak and crash on ooo frags (CVE-2023-52610)

• kernel: wifi: iwlwifi: dbg-tlv: ensure NUL termination (CVE-2024-35845)

• kernel: mISDN: fix possible use-after-free in HFC_cleanup() (CVE-2021-47356)

• kernel: platform/x86: wmi: Fix opening of char device (CVE-2023-52864)

• kernel: isdn: mISDN: Fix sleeping function called from invalid context (CVE-2021-47468)

• kernel: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (CVE-2024-36016)

• kernel: wifi: nl80211: don't free NULL coalescing rule (CVE-2024-36941)

• kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (CVE-2024-36904)

• kernel: gfs2: Fix potential glock use-after-free on unmount (CVE-2024-38570)

• kernel: KVM: x86: nSVM: fix potential NULL derefernce on nested migration (CVE-2022-48793)

• kernel: perf: Fix list corruption in perf_cgroup_switch() (CVE-2022-48799)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.