- kernel-5.14.0-427.40.1.el9_4 (oel9)
- 5.14.0-427.42.1.el9_4
- 2024-11-24 10:37:32
- 2024-11-26 16:37:40
- K20241124_03
- CVE-2024-45018, CVSSv2 Score: 5.5
- Description:
netfilter: flowtable: initialise extack before use
- CVE: https://access.redhat.com/security/cve/CVE-2024-45018
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-45018-netfilter-flowtable-initialise-extack-before-use.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-41005, CVSSv2 Score: 5.5
- Description:
netpoll: Fix race condition in netpoll_owner_active
- CVE: https://access.redhat.com/security/cve/CVE-2024-41005
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-41005-netpoll-fix-race-condition-in-netpoll-owner-active.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-26923, CVSSv2 Score: 7.0
- Description:
af_unix: Fix garbage collector racing against connect()
- CVE: https://access.redhat.com/security/cve/CVE-2024-26923
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-26923-af_unix-Fix-garbage-collector-racing-against-connec.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-41013, CVSSv2 Score: 5.5
- Description:
xfs: don't walk off the end of a directory data block
- CVE: https://access.redhat.com/security/cve/CVE-2024-41013
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-41013-xfs-don-t-walk-off-the-end-of-a-directory-data-block.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-41014, CVSSv2 Score: 5.5
- Description:
xfs: add bounds checking to xlog_recover_process_data
- CVE: https://access.redhat.com/security/cve/CVE-2024-41014
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-41014-xfs-add-bounds-checking-to-xlog-recover-process-data.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-40995, CVSSv2 Score: 5.5
- Description:
net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
- CVE: https://access.redhat.com/security/cve/CVE-2024-40995
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-40995-net-sched-act-api-fix-possible-infinite-loop-in-tcf-idr-check-alloc.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-43854, CVSSv2 Score: 5.5
- Description:
block: initialize integrity buffer to zero before writing it to media
- CVE: https://access.redhat.com/security/cve/CVE-2024-43854
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-43854-block-initialize-integrity-buffer-to-zero-before-writing-it-to-media.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-40960, CVSSv2 Score: 5.5
- Description:
ipv6: prevent possible NULL dereference in rt6_probe()
- CVE: https://access.redhat.com/security/cve/CVE-2024-40960
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-40960-ipv6-prevent-possible-null-dereference-in-rt6-probe.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-40972, CVSSv2 Score: 5.5
- Description:
ext4: fold quota accounting into ext4_xattr_inode_lookup_create()
- CVE: https://access.redhat.com/security/cve/CVE-2024-40972
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-40972-ext4-fold-quota-accounting-into-ext4-xattr-inode-lookup-create.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-40972, CVSSv2 Score: 5.5
- Description:
ext4: do not create EA inode under buffer lock
- CVE: https://access.redhat.com/security/cve/CVE-2024-40972
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-40972-ext4-do-not-create-ea-inode-under-buffer-lock.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-40998, CVSSv2 Score: 5.5
- Description:
ext4: turn quotas off if mount failed after enabling quotas
- CVE: https://access.redhat.com/security/cve/CVE-2024-40998
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-40998-ext4-turn-quotas-off-if-mount-failed-after-enabling-quotas.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-40998, CVSSv2 Score: 5.5
- Description:
ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()
- CVE: https://access.redhat.com/security/cve/CVE-2024-40998
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-40998-ext4-fix-uninitialized-ratelimit-state-lock-access-in-ext4-fill-super.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-40977, CVSSv2 Score: 5.5
- Description:
wifi: mt76: mt7921s: fix potential hung tasks during chip recovery
- CVE: https://access.redhat.com/security/cve/CVE-2024-40977
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-40977-wifi-mt76-mt7921s-fix-potential-hung-tasks-during-chip-recovery.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2021-47383, CVSSv2 Score: 5.5
- Description:
tty: Fix out-of-bound vmalloc access in imageblit
- CVE: https://access.redhat.com/security/cve/CVE-2021-47383
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2021-47383-tty-fix-out-of-bound-vmalloc-access-in-imageblit.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-26640, CVSSv2 Score: 5.5
- Description:
tcp: add sanity checks to rx zerocopy
- CVE: https://www.cve.org/CVERecord?id=CVE-2024-26640
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-26640-tcp-add-sanity-checks-to-rx-zerocopy.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-26826, CVSSv2 Score: 5.5
- Description:
mptcp: fix data re-injection from stale subflow
- CVE: https://access.redhat.com/security/cve/CVE-2024-26826
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-26826-mptcp-fix-data-re-injection-from-stale-subflow.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-26935, CVSSv2 Score: 5.5
- Description:
scsi: core: Fix unremoved procfs host directory regression
- CVE: https://access.redhat.com/security/cve/CVE-2024-26935
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-26935-scsi-core-fix-unremoved-procfs-host-directory-regression.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-26961, CVSSv2 Score: 5.5
- Description:
mac802154: fix llsec key resources release in mac802154_llsec_key_del
- CVE: https://access.redhat.com/security/cve/CVE-2024-26961
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-26961-mac802154-fix-llsec-key-resources-release-in_new.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-26961, CVSSv2 Score: 5.5
- Description:
mac802154: fix llsec key resources release in mac802154_llsec_key_del
- CVE: https://access.redhat.com/security/cve/CVE-2024-26961
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-26961-mac802154-fix-llsec-key-resources-release-in_new-kpatch.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-36244, CVSSv2 Score: 5.5
- Description:
net/sched: taprio: extend minimum interval restriction to entire cycle too
- CVE: https://access.redhat.com/security/cve/CVE-2024-36244
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-36244-net-sched-taprio-extend-minimum-interval-restriction-to-entire.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-39472, CVSSv2 Score: 5.5
- Description:
xfs: fix log recovery buffer allocation for the
- CVE: https://access.redhat.com/security/cve/CVE-2024-39472
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-39472-xfs-fix-log-recovery-buffer-allocation-for-the-lega.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-39504, CVSSv2 Score: 5.5
- Description:
netfilter: nft_inner: validate mandatory meta and payload
- CVE: https://access.redhat.com/security/cve/CVE-2024-39504
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-39504-netfilter-nft_inner-validate-mandatory-meta.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-39504, CVSSv2 Score: 5.5
- Description:
netfilter: nft_inner: validate mandatory meta and payload
- CVE: https://access.redhat.com/security/cve/CVE-2024-39504
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-39504-netfilter-nft_inner-validate-mandatory-payload.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-40904, CVSSv2 Score: 5.5
- Description:
USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages
- CVE: https://access.redhat.com/security/cve/CVE-2024-40904
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-40904-usb-class-cdc-wdm-fix-cpu-lockup-caused-by-excessive-log-messages.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-40931, CVSSv2 Score: 5.5
- Description:
mptcp: ensure snd_una is properly initialized on connect
- CVE: https://access.redhat.com/security/cve/CVE-2024-40931
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-40931-mptcp-ensure-snd_una-is-properly-initialized-on-con.patch
- From: 5.14.0-427.42.1.el9_4
- N/A, CVSSv2 Score: N/A
- Description:
kpatch add alt asm definitions
- CVE: https://www.kernel.org
- Patch: rhel9/5.14.0-427.42.1.el9_4/kpatch-add-alt-asm-definitions.patch
- From: N/A
- CVE-2024-2201, CVSSv2 Score: 4.7
- Description:
x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
- CVE: https://access.redhat.com/security/cve/CVE-2024-2201
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-2201-x86-bugs-Change-commas-to-semicolons-in-spectre_v2-sysfs-file.patch
- From: 5.14.0-427.42.1.el9_4
- CVE-2024-2201, CVSSv2 Score: 4.7
- Description:
x86/bugs: x86/bhi: Add support for clearing branch history at syscall entry
- CVE: https://access.redhat.com/security/cve/CVE-2024-2201
- Patch: rhel9/5.14.0-427.42.1.el9_4/CVE-2024-2201-x86-bhi-Add-support-for-clearing-branch-history-at-syscall-entry.patch
- From: 5.14.0-427.42.1.el9_4