CVSS3
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score Confidence: Low
EPSS Percentile: 16.4%
An update is available for kernel.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list.
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned (CVE-2023-52458)
kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (CVE-2024-26773)
kernel: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel (CVE-2024-26737)
kernel: dm: call the resume method on internal suspend (CVE-2024-26880)
kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (CVE-2024-26852)
kernel: Squashfs: check the inode number is not the invalid value of zero (CVE-2024-26982)
kernel: nfp: flower: handle acti_netdevs allocation failure (CVE-2024-27046)
kernel: octeontx2-af: Use separate handlers for interrupts (CVE-2024-27030)
kernel: icmp: prevent possible NULL dereferences from icmp_build_probe() (CVE-2024-35857)
kernel: mlxbf_gige: call request_irq() after NAPI initialized (CVE-2024-35907)
kernel: mlxbf_gige: stop interface during shutdown (CVE-2024-35885)
kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (CVE-2023-52809)
kernel: can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (CVE-2021-47459)
kernel: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (CVE-2024-36924)
kernel: scsi: lpfc: Move NPIV’s transport unregistration to after resource clean up (CVE-2024-36952)
kernel: net: amd-xgbe: Fix skb data length underflow (CVE-2022-48743)
kernel: epoll: be better about file lifetimes (CVE-2024-38580)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
rocky | 9 | x86_64 | bpftool-debuginfo | < 7.3.0-427.28.1.el9_4 | bpftool-debuginfo-0:7.3.0-427.28.1.el9_4.x86_64.rpm |
rocky | 9 | aarch64 | bpftool | < 7.3.0-427.28.1.el9_4 | bpftool-0:7.3.0-427.28.1.el9_4.aarch64.rpm |
rocky | 9 | ppc64le | bpftool | < 7.3.0-427.28.1.el9_4 | bpftool-0:7.3.0-427.28.1.el9_4.ppc64le.rpm |
rocky | 9 | s390x | bpftool | < 7.3.0-427.28.1.el9_4 | bpftool-0:7.3.0-427.28.1.el9_4.s390x.rpm |
rocky | 9 | x86_64 | bpftool | < 7.3.0-427.28.1.el9_4 | bpftool-0:7.3.0-427.28.1.el9_4.x86_64.rpm |
rocky | 9 | aarch64 | bpftool-debuginfo | < 7.3.0-427.28.1.el9_4 | bpftool-debuginfo-0:7.3.0-427.28.1.el9_4.aarch64.rpm |
rocky | 9 | ppc64le | bpftool-debuginfo | < 7.3.0-427.28.1.el9_4 | bpftool-debuginfo-0:7.3.0-427.28.1.el9_4.ppc64le.rpm |
rocky | 9 | s390x | bpftool-debuginfo | < 7.3.0-427.28.1.el9_4 | bpftool-debuginfo-0:7.3.0-427.28.1.el9_4.s390x.rpm |
rocky | 9 | aarch64 | kernel | < 5.14.0-427.28.1.el9_4 | kernel-0:5.14.0-427.28.1.el9_4.aarch64.rpm |
rocky | 9 | ppc64le | kernel | < 5.14.0-427.28.1.el9_4 | kernel-0:5.14.0-427.28.1.el9_4.ppc64le.rpm |