Main Vulnerability Database SB2024091105

SB2024091105 - Red Hat Enterprise Linux 9 update for kernel

Published: September 11, 2024

Security Bulletin ID SB2024091105

Severity

Low

Patch available

YES

Number of vulnerabilities 27

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 27 secuirty vulnerabilities.

1) NULL pointer dereference (CVE-ID: CVE-2023-52463)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the efivarfs_get_tree() function in fs/efivarfs/super.c. A local user can perform a denial of service (DoS) attack.

2) Improper locking (CVE-ID: CVE-2024-26629)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the check_for_locks() and nfsd4_release_lockowner() functions in fs/nfsd/nfs4state.c. A local user can perform a denial of service (DoS) attack.

3) Resource management error (CVE-ID: CVE-2024-26630)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the filemap_cachestat() function in mm/filemap.c. A local user can perform a denial of service (DoS) attack.

4) Division by zero (CVE-ID: CVE-2024-26720)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the wb_dirty_limits() function in mm/page-writeback.c. A local user can perform a denial of service (DoS) attack.

5) Use-after-free (CVE-ID: CVE-2024-26886)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the bt_sock_recvmsg() and bt_sock_ioctl() functions in net/bluetooth/af_bluetooth.c. A local user can escalate privileges on the system.

6) Input validation error (CVE-ID: CVE-2024-26946)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the can_probe() function in arch/x86/kernel/kprobes/core.c. A local user can perform a denial of service (DoS) attack.

7) Use-after-free (CVE-ID: CVE-2024-35791)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the svm_register_enc_region() function in arch/x86/kvm/svm/sev.c. A local user can escalate privileges on the system.

8) Out-of-bounds read (CVE-ID: CVE-2024-35797)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the filemap_cachestat() function in mm/filemap.c. A local user can perform a denial of service (DoS) attack.

9) Input validation error (CVE-ID: CVE-2024-35875)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the setup_arch() function in arch/x86/kernel/setup.c, within the cc_mkdec() function in arch/x86/coco/core.c. A local user can perform a denial of service (DoS) attack.

10) Reachable Assertion (CVE-ID: CVE-2024-36000)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to reachable assertion within the alloc_huge_page() function in mm/hugetlb.c. A local user can perform a denial of service (DoS) attack.

11) Use-after-free (CVE-ID: CVE-2023-52801)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the iopt_area_split() function in drivers/iommu/iommufd/io_pagetable.c. A local user can escalate privileges on the system.

12) Out-of-bounds read (CVE-ID: CVE-2024-36883)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the net_alloc_generic() and register_pernet_operations() functions in net/core/net_namespace.c. A local user can perform a denial of service (DoS) attack.

13) Out-of-bounds read (CVE-ID: CVE-2024-36019)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the regcache_maple_drop() function in drivers/base/regmap/regcache-maple.c. A local user can perform a denial of service (DoS) attack.

14) Use of uninitialized resource (CVE-ID: CVE-2024-38619)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the short_pack() and alauda_check_media() functions in drivers/usb/storage/alauda.c. A local user can perform a denial of service (DoS) attack.

15) Use-after-free (CVE-ID: CVE-2024-36979)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the br_mst_vlan_set_state() and br_mst_set_state() functions in net/bridge/br_mst.c. A local user can escalate privileges on the system.

16) Out-of-bounds read (CVE-ID: CVE-2024-38559)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the qedf_dbg_debug_cmd_write() function in drivers/scsi/qedf/qedf_debugfs.c. A local user can perform a denial of service (DoS) attack.

17) Use-after-free (CVE-ID: CVE-2024-40927)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the xhci_invalidate_cancelled_tds() and xhci_handle_cmd_set_deq() functions in drivers/usb/host/xhci-ring.c. A local user can escalate privileges on the system.

18) Memory leak (CVE-ID: CVE-2024-40936)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the devm_cxl_add_region() and __create_region() functions in drivers/cxl/core/region.c. A local user can perform a denial of service (DoS) attack.

19) Use-after-free (CVE-ID: CVE-2024-41040)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the net/sched/act_ct.c. A local user can escalate privileges on the system.

20) Input validation error (CVE-ID: CVE-2024-41044)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ppp_read() and ppp_write() functions in drivers/net/ppp/ppp_generic.c. A local user can perform a denial of service (DoS) attack.

21) NULL pointer dereference (CVE-ID: CVE-2024-41055)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the include/linux/mmzone.h. A local user can perform a denial of service (DoS) attack.

22) Use-after-free (CVE-ID: CVE-2024-41096)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the msi_capability_init() function in drivers/pci/msi/msi.c. A local user can escalate privileges on the system.

23) Buffer overflow (CVE-ID: CVE-2024-42082)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the __xdp_reg_mem_model() function in net/core/xdp.c. A local user can perform a denial of service (DoS) attack.

24) Improper locking (CVE-ID: CVE-2024-42096)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the profile_pc() function in arch/x86/kernel/time.c. A local user can perform a denial of service (DoS) attack.

25) Integer overflow (CVE-ID: CVE-2024-42102)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the wb_dirty_limits() function in mm/page-writeback.c. A local user can execute arbitrary code.

26) Integer overflow (CVE-ID: CVE-2024-42131)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the domain_dirty_limits(), node_dirty_limit(), dirty_background_bytes_handler() and dirty_bytes_handler() functions in mm/page-writeback.c. A local user can execute arbitrary code.

27) Double free (CVE-ID: CVE-2024-41073)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the nvme_cleanup_cmd() function in drivers/nvme/host/core.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://access.redhat.com/errata/RHSA-2024:6567

SB2024091105 - Red Hat Enterprise Linux 9 update for kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human