RHSA-2024:0461 -- Redhat kernel, bpftool, perf, python3-perf, rtla, rvID: oval:org.secpod.oval:def:509094 | Date: (C)2024-03-12 (M)2024-06-03 |
Class: PATCH | Family: unix |
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags kernel: use after free in unix_stream_sendpage kernel: net/sched: sch_hfsc UAF kernel: use after free in nvmet_tcp_free_crypto in NVMe kernel: vmwgfx: reference count issue leads to use-after-free in surface handling kernel: netfilter: potential slab-out-of-bound access due to integer underflow kernel: nfp: use-after-free in area_cache_get kernel: vmwgfx: integer overflow in vmwgfx_execbuf.c kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip kernel: NULL pointer dereference in can_rcv_filter kernel: Slab-out-of-bound read in compare_netdev_and_ip kernel: use-after-free in netfilter: nf_tables kernel: use after free in nft_immediate_deactivate kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c kernel: SEV-ES local priv escalation kernel: NULL pointer dereference in dpll_pin_parent_pin_set in drivers/dpll/dpll_netlink.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 9 |
Product: |
kernel |
bpftool |
perf |
python3-perf |
rtla |
rv |