CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: cxgb4: avoid accessing registers when clearing filters (CVE-2021-47138)
kernel: hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (CVE-2024-26698)
kernel: mm/slub: fix to return errno if kmalloc() fails (CVE-2022-48659)
kernel: Squashfs: check the inode number is not the invalid value of zero (CVE-2024-26982)
kernel: vt: fix unicode buffer corruption when deleting characters (CVE-2024-35823)
kernel: nvme-rdma: destroy cm id before destroy qp to avoid use after free (CVE-2021-47378)
kernel: userfaultfd: fix a race between writeprotect and exit_mmap() (CVE-2021-47461)
kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)
kernel: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (CVE-2024-38564)
kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540)
kernel: iommu: Fix potential use-after-free during probe (CVE-2022-48796)
kernel: xfs: add bounds checking to xlog_recover_process_data (CVE-2024-41014)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.