{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() {CVE-2024-26855}\n- tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383}\n- drm/vmwgfx: Fix invalid reads in fence signaled events {CVE-2024-36960}\n- Revert: GFS2: Skip dlm_unlock calls during unmount {CVE-2024-38570}\n- Revert: GFS2: ignore unlock failures after withdraw {CVE-2024-38570}\n- Revert: GFS2: fix skip unlock condition {CVE-2024-38570}\n- ima: Fix use-after-free on a dentry's dname.name {CVE-2024-39494}\n- netfilter: nft_limit: reject configurations that cause integer overflow {CVE-2024-26668}\n- ipv6: remove max_size check inline with ipv4 {CVE-2023-52340}\n- USB: core: Fix deadlock in usb_deauthorize_interface() {CVE-2024-26934}\n- net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() {CVE-2024-26882}\n- ip: validate header length on virtual device xmit\n- ext4: improve error recovery code paths in __ext4_remount() {CVE-2024-0775}\n- drivers/amd/pm: fix a use-after-free in kv_parse_power_table {CVE-2023-52469}\n- drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc {CVE-2024-42228}\n- netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() {CVE-2024-27020}\n- af_unix: Fix garbage collector racing against connect() {CVE-2024-26923}\n- md/raid5: fix atomicity violation in raid5_cache_count {CVE-2024-23307}", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/centos7els/advisories/2024/clsa-2024_1724693366.json" } ], "tracking": { "current_release_date": "2026-05-05T11:23:24Z", "generator": { "date": "2026-05-05T11:23:24Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2024:1724693366", "initial_release_date": "2024-08-26T13:29:28Z", "revision_history": [ { "date": "2024-08-26T13:29:28Z", "number": "1", "summary": "Initial version" }, { "date": "2026-05-05T11:23:24Z", "number": "2", "summary": "Official Publication" } ], "status": "final", "version": "2" }, "title": "kernel: Fix of 15 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Community Enterprise Operating System 7", "product": { "name": "Community Enterprise Operating System 7", "product_id": "CentOS-7", "product_identification_helper": { "cpe": "cpe:2.3:o:centos:centos:7:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Community Enterprise Operating System" } ], "category": "vendor", "name": "Red Hat, Inc." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product": { "name": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_id": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel@3.10.0-1160.119.1.el7.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product": { "name": "kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_id": "kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools@3.10.0-1160.119.1.el7.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product": { "name": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_id": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools-libs@3.10.0-1160.119.1.el7.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product": { "name": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_id": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-headers@3.10.0-1160.119.1.el7.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product": { "name": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_id": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools-libs-devel@3.10.0-1160.119.1.el7.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product": { "name": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_id": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug@3.10.0-1160.119.1.el7.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product": { "name": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_id": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/bpftool@3.10.0-1160.119.1.el7.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product": { "name": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_id": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug-devel@3.10.0-1160.119.1.el7.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product": { "name": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_id": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-devel@3.10.0-1160.119.1.el7.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product": { "name": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_id": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/perf@3.10.0-1160.119.1.el7.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product": { "name": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_id": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/python-perf@3.10.0-1160.119.1.el7.tuxcare.els3?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product": { "name": "kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_id": "kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools@3.10.0-1160.119.1.el7.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product": { "name": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_id": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools-libs@3.10.0-1160.119.1.el7.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product": { "name": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_id": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools-libs-devel@3.10.0-1160.119.1.el7.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product": { "name": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_id": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug-devel@3.10.0-1160.119.1.el7.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product": { "name": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_id": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-headers@3.10.0-1160.119.1.el7.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product": { "name": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_id": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/python-perf@3.10.0-1160.119.1.el7.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product": { "name": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_id": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-devel@3.10.0-1160.119.1.el7.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product": { "name": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_id": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/perf@3.10.0-1160.119.1.el7.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product": { "name": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_id": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug@3.10.0-1160.119.1.el7.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product": { "name": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_id": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel@3.10.0-1160.119.1.el7.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product": { "name": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_id": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/bpftool@3.10.0-1160.119.1.el7.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-headers@3.10.0-1160.119.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug@3.10.0-1160.119.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-devel@3.10.0-1160.119.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools@3.10.0-1160.119.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug-devel@3.10.0-1160.119.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product": { "name": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_id": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/python-perf@3.10.0-1160.119.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product": { "name": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_id": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/perf@3.10.0-1160.119.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product": { "name": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_id": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/bpftool@3.10.0-1160.119.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools-libs-devel@3.10.0-1160.119.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel@3.10.0-1160.119.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools-libs@3.10.0-1160.119.1.el7.tuxcare.els1?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" }, "product_reference": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" }, "product_reference": "kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" }, "product_reference": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" }, "product_reference": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" }, "product_reference": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" }, "product_reference": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" }, "product_reference": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" }, "product_reference": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" }, "product_reference": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" }, "product_reference": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" }, "product_reference": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" }, "product_reference": "kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" }, "product_reference": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" }, "product_reference": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" }, "product_reference": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" }, "product_reference": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" }, "product_reference": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" }, "product_reference": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" }, "product_reference": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" }, "product_reference": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" }, "product_reference": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" }, "product_reference": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64" }, "product_reference": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64" }, "product_reference": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64" }, "product_reference": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-26882", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()\n\nApply the same fix than ones found in :\n\n8d975c15c0cd (\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\")\n1ca1ba465e55 (\"geneve: make sure to pull inner header in geneve_rx()\")\n\nWe have to save skb->network_header in a temporary variable\nin order to be able to recompute the network_header pointer\nafter a pskb_inet_may_pull() call.\n\npskb_inet_may_pull() makes sure the needed headers are in skb->head.\n\nsyzbot reported:\nBUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n BUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n BUG: KMSAN: uninit-value in ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409\n __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409\n __ipgre_rcv+0x9bc/0xbc0 net/ipv4/ip_gre.c:389\n ipgre_rcv net/ipv4/ip_gre.c:411 [inline]\n gre_rcv+0x423/0x19f0 net/ipv4/ip_gre.c:447\n gre_rcv+0x2a4/0x390 net/ipv4/gre_demux.c:163\n ip_protocol_deliver_rcu+0x264/0x1300 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2b8/0x440 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:461 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:449 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0x46f/0x760 net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core net/core/dev.c:5534 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5648\n netif_receive_skb_internal net/core/dev.c:5734 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5793\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1556\n tun_get_user+0x53b9/0x66e0 drivers/net/tun.c:2009\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2055\n call_write_iter include/linux/fs.h:2087 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0xb6b/0x1520 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n __alloc_pages+0x9a6/0xe00 mm/page_alloc.c:4590\n alloc_pages_mpol+0x62b/0x9d0 mm/mempolicy.c:2133\n alloc_pages+0x1be/0x1e0 mm/mempolicy.c:2204\n skb_page_frag_refill+0x2bf/0x7c0 net/core/sock.c:2909\n tun_build_skb drivers/net/tun.c:1686 [inline]\n tun_get_user+0xe0a/0x66e0 drivers/net/tun.c:1826\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2055\n call_write_iter include/linux/fs.h:2087 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0xb6b/0x1520 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "known_affected": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-26882" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5c03387021cfa3336b97e0dcba38029917a8af2a", "url": "https://git.kernel.org/stable/c/5c03387021cfa3336b97e0dcba38029917a8af2a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/60044ab84836359534bd7153b92e9c1584140e4a", "url": "https://git.kernel.org/stable/c/60044ab84836359534bd7153b92e9c1584140e4a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/77fd5294ea09b21f6772ac954a121b87323cec80", "url": "https://git.kernel.org/stable/c/77fd5294ea09b21f6772ac954a121b87323cec80" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b0ec2abf98267f14d032102551581c833b0659d3", "url": "https://git.kernel.org/stable/c/b0ec2abf98267f14d032102551581c833b0659d3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c4c857723b37c20651300b3de4ff25059848b4b0", "url": "https://git.kernel.org/stable/c/c4c857723b37c20651300b3de4ff25059848b4b0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ca914f1cdee8a85799942c9b0ce5015bbd6844e1", "url": "https://git.kernel.org/stable/c/ca914f1cdee8a85799942c9b0ce5015bbd6844e1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ec6bb01e02cbd47781dd90775b631a1dc4bd9d2b", "url": "https://git.kernel.org/stable/c/ec6bb01e02cbd47781dd90775b631a1dc4bd9d2b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f6723d8dbfdc10c784a56748f86a9a3cd410dbd5", "url": "https://git.kernel.org/stable/c/f6723d8dbfdc10c784a56748f86a9a3cd410dbd5" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20241220-0002/", "url": "https://security.netapp.com/advisory/ntap-20241220-0002/" } ], "release_date": "2024-04-17T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2024-08-26T13:29:28Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-27020", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()\n\nnft_unregister_expr() can concurrent with __nft_expr_type_get(),\nand there is not any protection when iterate over nf_tables_expressions\nlist in __nft_expr_type_get(). Therefore, there is potential data-race\nof nf_tables_expressions list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_expressions\nlist in __nft_expr_type_get(), and use rcu_read_lock() in the caller\nnft_expr_type_get() to protect the entire type query process.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "known_affected": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-27020" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/01f1a678b05ade4b1248019c2dcca773aebbeb7f", "url": "https://git.kernel.org/stable/c/01f1a678b05ade4b1248019c2dcca773aebbeb7f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0b6de00206adbbfc6373b3ae38d2a6f197987907", "url": "https://git.kernel.org/stable/c/0b6de00206adbbfc6373b3ae38d2a6f197987907" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8d56bad42ac4c43c6c72ddd6a654a2628bf839c5", "url": "https://git.kernel.org/stable/c/8d56bad42ac4c43c6c72ddd6a654a2628bf839c5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/934e66e231cff2b18faa2c8aad0b8cec13957e05", "url": "https://git.kernel.org/stable/c/934e66e231cff2b18faa2c8aad0b8cec13957e05" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/939109c0a8e2a006a6cc8209e262d25065f4403a", "url": "https://git.kernel.org/stable/c/939109c0a8e2a006a6cc8209e262d25065f4403a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a9ebf340d123ae12582210407f879d6a5a1bc25b", "url": "https://git.kernel.org/stable/c/a9ebf340d123ae12582210407f879d6a5a1bc25b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b38a133d37fa421c8447b383d788c9cc6f5cb34c", "url": "https://git.kernel.org/stable/c/b38a133d37fa421c8447b383d788c9cc6f5cb34c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f969eb84ce482331a991079ab7a5c4dc3b7f89bf", "url": "https://git.kernel.org/stable/c/f969eb84ce482331a991079ab7a5c4dc3b7f89bf" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/" } ], "release_date": "2024-05-01T06:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2024-08-26T13:29:28Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-26855", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()\n\nThe function ice_bridge_setlink() may encounter a NULL pointer dereference\nif nlmsg_find_attr() returns NULL and br_spec is dereferenced subsequently\nin nla_for_each_nested(). To address this issue, add a check to ensure that\nbr_spec is not NULL before proceeding with the nested attribute iteration.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "known_affected": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-26855" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/06e456a05d669ca30b224b8ed962421770c1496c", "url": "https://git.kernel.org/stable/c/06e456a05d669ca30b224b8ed962421770c1496c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0e296067ae0d74a10b4933601f9aa9f0ec8f157f", "url": "https://git.kernel.org/stable/c/0e296067ae0d74a10b4933601f9aa9f0ec8f157f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1a770927dc1d642b22417c3e668c871689fc58b3", "url": "https://git.kernel.org/stable/c/1a770927dc1d642b22417c3e668c871689fc58b3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/37fe99016b12d32100ce670216816dba6c48b309", "url": "https://git.kernel.org/stable/c/37fe99016b12d32100ce670216816dba6c48b309" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8d95465d9a424200485792858c5b3be54658ce19", "url": "https://git.kernel.org/stable/c/8d95465d9a424200485792858c5b3be54658ce19" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/afdd29726a6de4ba27cd15590661424c888dc596", "url": "https://git.kernel.org/stable/c/afdd29726a6de4ba27cd15590661424c888dc596" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d9fefc51133107e59d192d773be86c1150cfeebb", "url": "https://git.kernel.org/stable/c/d9fefc51133107e59d192d773be86c1150cfeebb" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" } ], "release_date": "2024-04-17T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2024-08-26T13:29:28Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2024-38570", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix potential glock use-after-free on unmount\n\nWhen a DLM lockspace is released and there ares still locks in that\nlockspace, DLM will unlock those locks automatically. Commit\nfb6791d100d1b started exploiting this behavior to speed up filesystem\nunmount: gfs2 would simply free glocks it didn't want to unlock and then\nrelease the lockspace. This didn't take the bast callbacks for\nasynchronous lock contention notifications into account, which remain\nactive until until a lock is unlocked or its lockspace is released.\n\nTo prevent those callbacks from accessing deallocated objects, put the\nglocks that should not be unlocked on the sd_dead_glocks list, release\nthe lockspace, and only then free those glocks.\n\nAs an additional measure, ignore unexpected ast and bast callbacks if\nthe receiving glock is dead.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "known_affected": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-38570" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0636b34b44589b142700ac137b5f69802cfe2e37", "url": "https://git.kernel.org/stable/c/0636b34b44589b142700ac137b5f69802cfe2e37" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/501cd8fabf621d10bd4893e37f6ce6c20523c8ca", "url": "https://git.kernel.org/stable/c/501cd8fabf621d10bd4893e37f6ce6c20523c8ca" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d98779e687726d8f8860f1c54b5687eec5f63a73", "url": "https://git.kernel.org/stable/c/d98779e687726d8f8860f1c54b5687eec5f63a73" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e42e8a24d7f02d28763d16ca7ec5fc6d1f142af0", "url": "https://git.kernel.org/stable/c/e42e8a24d7f02d28763d16ca7ec5fc6d1f142af0" } ], "release_date": "2024-06-19T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2024-08-26T13:29:28Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-42228", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc\n\nInitialize the size before calling amdgpu_vce_cs_reloc, such as case 0x03000001.\nV2: To really improve the handling we would actually\n need to have a separate value of 0xffffffff.(Christian)", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "known_affected": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-42228" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3b505759447637dcccb50cbd98ec6f8d2a04fc46", "url": "https://git.kernel.org/stable/c/3b505759447637dcccb50cbd98ec6f8d2a04fc46" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/855ae72c20310e5402b2317fc537d911e87537ef", "url": "https://git.kernel.org/stable/c/855ae72c20310e5402b2317fc537d911e87537ef" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/88a9a467c548d0b3c7761b4fd54a68e70f9c0944", "url": "https://git.kernel.org/stable/c/88a9a467c548d0b3c7761b4fd54a68e70f9c0944" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9ee1534ecdd5b4c013064663502d7fde824d2144", "url": "https://git.kernel.org/stable/c/9ee1534ecdd5b4c013064663502d7fde824d2144" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d35cf41c8eb5d9fe95b21ae6ee2910f9ba4878e8", "url": "https://git.kernel.org/stable/c/d35cf41c8eb5d9fe95b21ae6ee2910f9ba4878e8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/da6a85d197888067e8d38b5d22c986b5b5cab712", "url": "https://git.kernel.org/stable/c/da6a85d197888067e8d38b5d22c986b5b5cab712" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/df02642c21c984303fe34c3f7d72965792fb1a15", "url": "https://git.kernel.org/stable/c/df02642c21c984303fe34c3f7d72965792fb1a15" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f8f120b3de48b8b6bdf8988a9b334c2d61c17440", "url": "https://git.kernel.org/stable/c/f8f120b3de48b8b6bdf8988a9b334c2d61c17440" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html", "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html", "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html" } ], "release_date": "2024-07-30T08:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2024-08-26T13:29:28Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-26923", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix garbage collector racing against connect()\n\nGarbage collector does not take into account the risk of embryo getting\nenqueued during the garbage collection. If such embryo has a peer that\ncarries SCM_RIGHTS, two consecutive passes of scan_children() may see a\ndifferent set of children. Leading to an incorrectly elevated inflight\ncount, and then a dangling pointer within the gc_inflight_list.\n\nsockets are AF_UNIX/SOCK_STREAM\nS is an unconnected socket\nL is a listening in-flight socket bound to addr, not in fdtable\nV's fd will be passed via sendmsg(), gets inflight count bumped\n\nconnect(S, addr)\tsendmsg(S, [V]); close(V)\t__unix_gc()\n----------------\t-------------------------\t-----------\n\nNS = unix_create1()\nskb1 = sock_wmalloc(NS)\nL = unix_find_other(addr)\nunix_state_lock(L)\nunix_peer(S) = NS\n\t\t\t// V count=1 inflight=0\n\n \t\t\tNS = unix_peer(S)\n \t\t\tskb2 = sock_alloc()\n\t\t\tskb_queue_tail(NS, skb2[V])\n\n\t\t\t// V became in-flight\n\t\t\t// V count=2 inflight=1\n\n\t\t\tclose(V)\n\n\t\t\t// V count=1 inflight=1\n\t\t\t// GC candidate condition met\n\n\t\t\t\t\t\tfor u in gc_inflight_list:\n\t\t\t\t\t\t if (total_refs == inflight_refs)\n\t\t\t\t\t\t add u to gc_candidates\n\n\t\t\t\t\t\t// gc_candidates={L, V}\n\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t scan_children(u, dec_inflight)\n\n\t\t\t\t\t\t// embryo (skb1) was not\n\t\t\t\t\t\t// reachable from L yet, so V's\n\t\t\t\t\t\t// inflight remains unchanged\n__skb_queue_tail(L, skb1)\nunix_state_unlock(L)\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t if (u.inflight)\n\t\t\t\t\t\t scan_children(u, inc_inflight_move_tail)\n\n\t\t\t\t\t\t// V count=1 inflight=2 (!)\n\nIf there is a GC-candidate listening socket, lock/unlock its state. This\nmakes GC wait until the end of any ongoing connect() to that socket. After\nflipping the lock, a possibly SCM-laden embryo is already enqueued. And if\nthere is another embryo coming, it can not possibly carry SCM_RIGHTS. At\nthis point, unix_inflight() can not happen because unix_gc_lock is already\ntaken. Inflight graph remains unaffected.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "known_affected": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-26923" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2e2a03787f4f0abc0072350654ab0ef3324d9db3", "url": "https://git.kernel.org/stable/c/2e2a03787f4f0abc0072350654ab0ef3324d9db3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/343c5372d5e17b306db5f8f3c895539b06e3177f", "url": "https://git.kernel.org/stable/c/343c5372d5e17b306db5f8f3c895539b06e3177f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/47d8ac011fe1c9251070e1bd64cb10b48193ec51", "url": "https://git.kernel.org/stable/c/47d8ac011fe1c9251070e1bd64cb10b48193ec51" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/507cc232ffe53a352847893f8177d276c3b532a9", "url": "https://git.kernel.org/stable/c/507cc232ffe53a352847893f8177d276c3b532a9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a36ae0ec2353015f0f6762e59f4c2dbc0c906423", "url": "https://git.kernel.org/stable/c/a36ae0ec2353015f0f6762e59f4c2dbc0c906423" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b75722be422c276b699200de90527d01c602ea7c", "url": "https://git.kernel.org/stable/c/b75722be422c276b699200de90527d01c602ea7c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dbdf7bec5c920200077d693193f989cb1513f009", "url": "https://git.kernel.org/stable/c/dbdf7bec5c920200077d693193f989cb1513f009" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e76c2678228f6aec74b305ae30c9374cc2f28a51", "url": "https://git.kernel.org/stable/c/e76c2678228f6aec74b305ae30c9374cc2f28a51" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ], "release_date": "2024-04-25T06:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2024-08-26T13:29:28Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2021-47383", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: Fix out-of-bound vmalloc access in imageblit\n\nThis issue happens when a userspace program does an ioctl\nFBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct\ncontaining only the fields xres, yres, and bits_per_pixel\nwith values.\n\nIf this struct is the same as the previous ioctl, the\nvc_resize() detects it and doesn't call the resize_screen(),\nleaving the fb_var_screeninfo incomplete. And this leads to\nthe updatescrollmode() calculates a wrong value to\nfbcon_display->vrows, which makes the real_y() return a\nwrong value of y, and that value, eventually, causes\nthe imageblit to access an out-of-bound address value.\n\nTo solve this issue I made the resize_screen() be called\neven if the screen does not need any resizing, so it will\n\"fix and fill\" the fb_var_screeninfo independently.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "known_affected": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2021-47383" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/067c694d06040db6f0c65281bb358452ca6d85b9", "url": "https://git.kernel.org/stable/c/067c694d06040db6f0c65281bb358452ca6d85b9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3b0c406124719b625b1aba431659f5cdc24a982c", "url": "https://git.kernel.org/stable/c/3b0c406124719b625b1aba431659f5cdc24a982c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/699d926585daa6ec44be556cdc1ab89e5d54557b", "url": "https://git.kernel.org/stable/c/699d926585daa6ec44be556cdc1ab89e5d54557b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/70aed03b1d5a5df974f456cdc8eedb213c94bb8b", "url": "https://git.kernel.org/stable/c/70aed03b1d5a5df974f456cdc8eedb213c94bb8b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7e71fcedfda6f7de18f850a6b36e78d78b04476f", "url": "https://git.kernel.org/stable/c/7e71fcedfda6f7de18f850a6b36e78d78b04476f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/883f7897a25e3ce14a7f274ca4c73f49ac84002a", "url": "https://git.kernel.org/stable/c/883f7897a25e3ce14a7f274ca4c73f49ac84002a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8a6a240f52e14356386030d8958ae8b1761d2325", "url": "https://git.kernel.org/stable/c/8a6a240f52e14356386030d8958ae8b1761d2325" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d570c48dd37dbe8fc6875d4461d01a9554ae2560", "url": "https://git.kernel.org/stable/c/d570c48dd37dbe8fc6875d4461d01a9554ae2560" } ], "release_date": "2024-05-21T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2024-08-26T13:29:28Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-23307", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "description", "text": "Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "known_affected": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-23307" }, { "category": "external", "summary": "https://bugzilla.openanolis.cn/show_bug.cgi?id=7975", "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=7975" } ], "release_date": "2024-01-25T07:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2024-08-26T13:29:28Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-0775", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "known_affected": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-0775" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2024-0775", "url": "https://access.redhat.com/security/cve/CVE-2024-0775" }, { "category": "external", "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=2259414", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259414" }, { "category": "external", "summary": "https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162", "url": "https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162" } ], "release_date": "2024-01-22T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2024-08-26T13:29:28Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-39494", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nima: Fix use-after-free on a dentry's dname.name\n\n->d_name.name can change on rename and the earlier value can be freed;\nthere are conditions sufficient to stabilize it (->d_lock on dentry,\n->d_lock on its parent, ->i_rwsem exclusive on the parent's inode,\nrename_lock), but none of those are met at any of the sites. Take a stable\nsnapshot of the name instead.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "known_affected": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-39494" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0b31e28fbd773aefb6164687e0767319b8199829", "url": "https://git.kernel.org/stable/c/0b31e28fbd773aefb6164687e0767319b8199829" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/480afcbeb7aaaa22677d3dd48ec590b441eaac1a", "url": "https://git.kernel.org/stable/c/480afcbeb7aaaa22677d3dd48ec590b441eaac1a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7fb374981e31c193b1152ed8d3b0a95b671330d4", "url": "https://git.kernel.org/stable/c/7fb374981e31c193b1152ed8d3b0a95b671330d4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a78a6f0da57d058e2009e9958fdcef66f165208c", "url": "https://git.kernel.org/stable/c/a78a6f0da57d058e2009e9958fdcef66f165208c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/be84f32bb2c981ca670922e047cdde1488b233de", "url": "https://git.kernel.org/stable/c/be84f32bb2c981ca670922e047cdde1488b233de" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dd431c3ac1fc34a9268580dd59ad3e3c76b32a8c", "url": "https://git.kernel.org/stable/c/dd431c3ac1fc34a9268580dd59ad3e3c76b32a8c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/edf287bc610b18d7a9c0c0c1cb2e97b9348c71bb", "url": "https://git.kernel.org/stable/c/edf287bc610b18d7a9c0c0c1cb2e97b9348c71bb" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html", "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html" } ], "release_date": "2024-07-12T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2024-08-26T13:29:28Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-26934", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in usb_deauthorize_interface()\n\nAmong the attribute file callback routines in\ndrivers/usb/core/sysfs.c, the interface_authorized_store() function is\nthe only one which acquires a device lock on an ancestor device: It\ncalls usb_deauthorize_interface(), which locks the interface's parent\nUSB device.\n\nThe will lead to deadlock if another process already owns that lock\nand tries to remove the interface, whether through a configuration\nchange or because the device has been disconnected. As part of the\nremoval procedure, device_del() waits for all ongoing sysfs attribute\ncallbacks to complete. But usb_deauthorize_interface() can't complete\nuntil the device lock has been released, and the lock won't be\nreleased until the removal has finished.\n\nThe mechanism provided by sysfs to prevent this kind of deadlock is\nto use the sysfs_break_active_protection() function, which tells sysfs\nnot to wait for the attribute callback.\n\nReported-and-tested by: Yue Sun \nReported by: xingwei lee ", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "known_affected": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-26934" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/07acf979da33c721357ff27129edf74c23c036c6", "url": "https://git.kernel.org/stable/c/07acf979da33c721357ff27129edf74c23c036c6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/122a06f1068bf5e39089863f4f60b1f5d4273384", "url": "https://git.kernel.org/stable/c/122a06f1068bf5e39089863f4f60b1f5d4273384" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/12d6a5681a0a5cecc2af7860f0a1613fa7c6e947", "url": "https://git.kernel.org/stable/c/12d6a5681a0a5cecc2af7860f0a1613fa7c6e947" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1b175bc579f46520b11ecda443bcd2ee4904f66a", "url": "https://git.kernel.org/stable/c/1b175bc579f46520b11ecda443bcd2ee4904f66a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/80ba43e9f799cbdd83842fc27db667289b3150f5", "url": "https://git.kernel.org/stable/c/80ba43e9f799cbdd83842fc27db667289b3150f5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8cbdd324b41528994027128207fae8100dff094f", "url": "https://git.kernel.org/stable/c/8cbdd324b41528994027128207fae8100dff094f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ab062fa3dc69aea88fe62162c5881ba14b50ecc5", "url": "https://git.kernel.org/stable/c/ab062fa3dc69aea88fe62162c5881ba14b50ecc5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dbdf66250d2d33e8b27352fcb901de79f3521057", "url": "https://git.kernel.org/stable/c/dbdf66250d2d33e8b27352fcb901de79f3521057" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e451709573f8be904a8a72d0775bf114d7c291d9", "url": "https://git.kernel.org/stable/c/e451709573f8be904a8a72d0775bf114d7c291d9" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ], "release_date": "2024-05-01T06:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2024-08-26T13:29:28Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-26668", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_limit: reject configurations that cause integer overflow\n\nReject bogus configs where internal token counter wraps around.\nThis only occurs with very very large requests, such as 17gbyte/s.\n\nIts better to reject this rather than having incorrect ratelimit.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "known_affected": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-26668" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/00c2c29aa36d1d1827c51a3720e9f893a22c7c6a", "url": "https://git.kernel.org/stable/c/00c2c29aa36d1d1827c51a3720e9f893a22c7c6a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/79d4efd75e7dbecd855a3b8a63e65f7265f466e1", "url": "https://git.kernel.org/stable/c/79d4efd75e7dbecd855a3b8a63e65f7265f466e1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9882495d02ecc490604f747437a40626dc9160d0", "url": "https://git.kernel.org/stable/c/9882495d02ecc490604f747437a40626dc9160d0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bc6e242bb74e2ae616bfd2b250682b738e781c9b", "url": "https://git.kernel.org/stable/c/bc6e242bb74e2ae616bfd2b250682b738e781c9b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c9d9eb9c53d37cdebbad56b91e40baf42d5a97aa", "url": "https://git.kernel.org/stable/c/c9d9eb9c53d37cdebbad56b91e40baf42d5a97aa" } ], "release_date": "2024-04-02T07:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2024-08-26T13:29:28Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2024-36960", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix invalid reads in fence signaled events\n\nCorrectly set the length of the drm_event to the size of the structure\nthat's actually used.\n\nThe length of the drm_event was set to the parent structure instead of\nto the drm_vmw_event_fence which is supposed to be read. drm_read\nuses the length parameter to copy the event to the user space thus\nresuling in oob reads.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "known_affected": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-36960" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0dbfc73670b357456196130551e586345ca48e1b", "url": "https://git.kernel.org/stable/c/0dbfc73670b357456196130551e586345ca48e1b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2f527e3efd37c7c5e85e8aa86308856b619fa59f", "url": "https://git.kernel.org/stable/c/2f527e3efd37c7c5e85e8aa86308856b619fa59f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3cd682357c6167f636aec8ac0efaa8ba61144d36", "url": "https://git.kernel.org/stable/c/3cd682357c6167f636aec8ac0efaa8ba61144d36" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7b5fd3af4a250dd0a2a558e07b43478748eb5d22", "url": "https://git.kernel.org/stable/c/7b5fd3af4a250dd0a2a558e07b43478748eb5d22" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a37ef7613c00f2d72c8fc08bd83fb6cc76926c8c", "url": "https://git.kernel.org/stable/c/a37ef7613c00f2d72c8fc08bd83fb6cc76926c8c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b7bab33c4623c66e3398d5253870d4e88c52dfc0", "url": "https://git.kernel.org/stable/c/b7bab33c4623c66e3398d5253870d4e88c52dfc0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cef0962f2d3e5fd0660c8efb72321083a1b531a9", "url": "https://git.kernel.org/stable/c/cef0962f2d3e5fd0660c8efb72321083a1b531a9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/deab66596dfad14f1c54eeefdb72428340d72a77", "url": "https://git.kernel.org/stable/c/deab66596dfad14f1c54eeefdb72428340d72a77" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ], "release_date": "2024-06-03T08:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2024-08-26T13:29:28Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-52469", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/amd/pm: fix a use-after-free in kv_parse_power_table\n\nWhen ps allocated by kzalloc equals to NULL, kv_parse_power_table\nfrees adev->pm.dpm.ps that allocated before. However, after the control\nflow goes through the following call chains:\n\nkv_parse_power_table\n |-> kv_dpm_init\n |-> kv_dpm_sw_init\n\t |-> kv_dpm_fini\n\nThe adev->pm.dpm.ps is used in the for loop of kv_dpm_fini after its\nfirst free in kv_parse_power_table and causes a use-after-free bug.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "known_affected": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-52469" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/28dd788382c43b330480f57cd34cde0840896743", "url": "https://git.kernel.org/stable/c/28dd788382c43b330480f57cd34cde0840896743" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3426f059eacc33ecc676b0d66539297e1cfafd02", "url": "https://git.kernel.org/stable/c/3426f059eacc33ecc676b0d66539297e1cfafd02" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/35fa2394d26e919f63600ce631e6aefc95ec2706", "url": "https://git.kernel.org/stable/c/35fa2394d26e919f63600ce631e6aefc95ec2706" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/520e213a0b97b64735a13950e9371e0a5d7a5dc3", "url": "https://git.kernel.org/stable/c/520e213a0b97b64735a13950e9371e0a5d7a5dc3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8a27d9d9fc9b5564b8904c3a77a7dea482bfa34e", "url": "https://git.kernel.org/stable/c/8a27d9d9fc9b5564b8904c3a77a7dea482bfa34e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8b55b06e737feb2a645b0293ea27e38418876d63", "url": "https://git.kernel.org/stable/c/8b55b06e737feb2a645b0293ea27e38418876d63" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/95084632a65d5c0d682a83b55935560bdcd2a1e3", "url": "https://git.kernel.org/stable/c/95084632a65d5c0d682a83b55935560bdcd2a1e3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b6dcba02ee178282e0d28684d241e0b8462dea6a", "url": "https://git.kernel.org/stable/c/b6dcba02ee178282e0d28684d241e0b8462dea6a" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ], "release_date": "2024-02-26T16:27:00Z", "remediations": [ { "category": "vendor_fix", "date": "2024-08-26T13:29:28Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-52340", "notes": [ { "category": "description", "text": "The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "known_affected": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-52340" }, { "category": "external", "summary": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3", "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=af6d10345ca76670c1b7c37799f0d5576ccef277", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=af6d10345ca76670c1b7c37799f0d5576ccef277" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20240816-0005/", "url": "https://security.netapp.com/advisory/ntap-20240816-0005/" } ], "release_date": "2024-07-05T02:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2024-08-26T13:29:28Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2024:1724693366" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els1.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64", "CentOS-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] } ] }