Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:6567
HistorySep 11, 2024 - 12:05 a.m.

(RHSA-2024:6567) Moderate: kernel security update

2024-09-1100:05:08
access.redhat.com
9
linux kernel
cve fixes
security update
moderate
efivarfs
nfsd
cachestat
bluetooth
kprobes
kvm
mm
x86
net
regmap
usb-storage
scsi
xhci
cxl
ppp
pci/msi
xdp
nvme

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

7.6

Confidence

Low

EPSS

0.001

Percentile

17.8%

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)

  • kernel: nfsd: fix RELEASE_LOCKOWNER (CVE-2024-26629)

  • kernel: mm: cachestat: fix folio read-after-free in cache walk (CVE-2024-26630)

  • kernel: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (CVE-2024-26720)

  • kernel: Bluetooth: af_bluetooth: Fix deadlock (CVE-2024-26886)

  • kernel: kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address (CVE-2024-26946)

  • kernel: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (CVE-2024-35791)

  • kernel: mm: cachestat: fix two shmem bugs (CVE-2024-35797)

  • kernel: x86/coco: Require seeding RNG with RDRAND on CoCo systems (CVE-2024-35875)

  • kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000)

  • kernel: iommufd: Fix missing update of domains_itree after splitting iopt_area (CVE-2023-52801)

  • kernel: net: fix out-of-bounds access in ops_init (CVE-2024-36883)

  • kernel: regmap: maple: Fix cache corruption in regcache_maple_drop() (CVE-2024-36019)

  • kernel: usb-storage: alauda: Check whether the media is initialized (CVE-2024-38619)

  • kernel: net: bridge: mst: fix vlan use-after-free (CVE-2024-36979)

  • kernel: scsi: qedf: Ensure the copied buf is NUL terminated (CVE-2024-38559)

  • kernel: xhci: Handle TD clearing for multiple streams case (CVE-2024-40927)

  • kernel: cxl/region: Fix memregion leaks in devm_cxl_add_region() (CVE-2024-40936)

  • kernel: net/sched: Fix UAF when resolving a clash (CVE-2024-41040)

  • kernel: ppp: reject claimed-as-LCP but actually malformed packets (CVE-2024-41044)

  • kernel: mm: prevent derefencing NULL ptr in pfn_section_valid() (CVE-2024-41055)

  • kernel: PCI/MSI: Fix UAF in msi_capability_init (CVE-2024-41096)

  • kernel: xdp: Remove WARN() from __xdp_reg_mem_model() (CVE-2024-42082)

  • kernel: x86: stop playing stack games in profile_pc() (CVE-2024-42096)

  • kernel: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (CVE-2024-42102)

  • kernel: mm: avoid overflows in dirty throttling logic (CVE-2024-42131)

  • kernel: nvme: avoid double free special payload (CVE-2024-41073)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9s390xperf-debuginfo< 5.14.0-427.35.1.el9_4perf-debuginfo-5.14.0-427.35.1.el9_4.s390x.rpm
RedHat9x86_64kernel-rt-debuginfo< 5.14.0-427.35.1.el9_4kernel-rt-debuginfo-5.14.0-427.35.1.el9_4.x86_64.rpm
RedHat9ppc64lekernel-devel< 5.14.0-427.35.1.el9_4kernel-devel-5.14.0-427.35.1.el9_4.ppc64le.rpm
RedHat9ppc64lebpftool< 7.3.0-427.35.1.el9_4bpftool-7.3.0-427.35.1.el9_4.ppc64le.rpm
RedHat9aarch64kernel-debug-core< 5.14.0-427.35.1.el9_4kernel-debug-core-5.14.0-427.35.1.el9_4.aarch64.rpm
RedHat9aarch64kernel-64k-debug-devel-matched< 5.14.0-427.35.1.el9_4kernel-64k-debug-devel-matched-5.14.0-427.35.1.el9_4.aarch64.rpm
RedHat9x86_64python3-perf< 5.14.0-427.35.1.el9_4python3-perf-5.14.0-427.35.1.el9_4.x86_64.rpm
RedHat9aarch64kernel-devel-matched< 5.14.0-427.35.1.el9_4kernel-devel-matched-5.14.0-427.35.1.el9_4.aarch64.rpm
RedHat9x86_64kernel-devel-matched< 5.14.0-427.35.1.el9_4kernel-devel-matched-5.14.0-427.35.1.el9_4.x86_64.rpm
RedHat9x86_64kernel-debug< 5.14.0-427.35.1.el9_4kernel-debug-5.14.0-427.35.1.el9_4.x86_64.rpm
Rows per page:
1-10 of 1761

Related

nessus 11
osv 19
rocky 2
oraclelinux 1
redhat 2
ubuntucve 19
nvd 23
vulnrichment 24
debiancve 22
redhatcve 23
cvelist 22
prion 2
cbl_mariner 10
cve 19
nessus
nessus
Oracle Linux 9 : kernel (ELSA-2024-6567)
2024-09-12 00:00:00
RHEL 9 : kernel (RHSA-2024:6567)
2024-09-11 00:00:00
Rocky Linux 9 : kernel (RLSA-2024:6567)
2024-09-16 00:00:00
osv
osv
Moderate: kernel security update
2024-09-17 00:57:55
Moderate: kernel security update
2024-09-17 00:55:50
CVE-2024-42082
2024-07-29 16:15:07
rocky
rocky
kernel security update
2024-09-17 00:57:55
kernel security update
2024-09-17 00:55:50
oraclelinux
oraclelinux
kernel security update
2024-09-11 00:00:00
redhat
redhat
(RHSA-2024:6268) Moderate: kernel-rt security update
2024-09-04 00:06:53
(RHSA-2024:6267) Moderate: kernel security update
2024-09-04 00:06:41
ubuntucve
ubuntucve
CVE-2023-52801
2024-05-21 00:00:00
CVE-2024-26630
2024-03-13 00:00:00
CVE-2024-26946
2024-05-01 00:00:00
nvd
nvd
CVE-2023-52801
2024-05-21 16:15:18
CVE-2024-26630
2024-03-13 16:15:30
CVE-2024-41096
2024-07-29 16:15:04
vulnrichment
vulnrichment
CVE-2023-52801 iommufd: Fix missing update of domains_itree after splitting iopt_area
2024-05-21 15:31:13
CVE-2024-35875 x86/coco: Require seeding RNG with RDRAND on CoCo systems
2024-05-19 08:34:32
CVE-2024-41096 PCI/MSI: Fix UAF in msi_capability_init
2024-07-29 15:48:09
debiancve
debiancve
CVE-2024-40936
2024-07-12 13:15:16
CVE-2024-26630
2024-03-13 16:15:30
CVE-2024-42082
2024-07-29 16:15:07
redhatcve
redhatcve
CVE-2024-40936
2024-07-16 15:57:14
CVE-2024-26630
2024-03-13 21:45:43
CVE-2023-52801
2024-05-23 11:11:11
cvelist
cvelist
CVE-2024-26630 mm: cachestat: fix folio read-after-free in cache walk
2024-03-13 15:50:32
CVE-2023-52801 iommufd: Fix missing update of domains_itree after splitting iopt_area
2024-05-21 15:31:13
CVE-2024-41096 PCI/MSI: Fix UAF in msi_capability_init
2024-07-29 15:48:09
prion
prion
Spoofing
2024-03-13 16:15:00
Spoofing
2024-03-13 14:15:00
cbl_mariner
cbl_mariner
CVE-2024-42082 affecting package kernel for versions less than 5.15.162.2-1
2024-08-05 03:22:58
CVE-2024-42082 affecting package kernel for versions less than 6.6.43.1-7
2024-08-14 20:43:58
CVE-2024-41096 affecting package kernel for versions less than 6.6.43.1-7
2024-08-14 20:43:58
cve
cve
CVE-2024-35875
2024-05-19 09:15:08
CVE-2024-42082
2024-07-29 16:15:07
CVE-2024-40936
2024-07-12 13:15:16

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

7.6

Confidence

Low

EPSS

0.001

Percentile

17.8%

JSON
Related for RHSA-2024:6567
nessus11osv19rocky2oraclelinux1redhat2ubuntucve19nvd23vulnrichment24debiancve22redhatcve23cvelist22prion2cbl_mariner10cve19