RHSA-2024:6567 | Medium | CVSS 7.1

Red Hat Security Advisory: kernel security update

Published: September 11, 2024
Last Modified: June 4, 2026

🔗 CVE IDs covered (27)

📋 Description

CVE-2023-52463 — kernel: efivarfs: force RO when remounting if SetVariable is not supported
CVE-2023-52801 — kernel: iommufd: Fix missing update of domains_itree after splitting iopt_area
CVE-2024-26629 — kernel: nfsd: fix RELEASE_LOCKOWNER
CVE-2024-26630 — kernel: mm: cachestat: fix folio read-after-free in cache walk
CVE-2024-26720 — kernel: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again
CVE-2024-26886 — kernel: Bluetooth: af_bluetooth: Fix deadlock
CVE-2024-26946 — kernel: kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address
CVE-2024-35791 — kernel: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region()
CVE-2024-35797 — kernel: mm: cachestat: fix two shmem bugs
CVE-2024-35875 — kernel: x86/coco: Require seeding RNG with RDRAND on CoCo systems
CVE-2024-36000 — kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge
CVE-2024-36019 — kernel: regmap: maple: Fix cache corruption in regcache_maple_drop()
CVE-2024-36883 — kernel: net: fix out-of-bounds access in ops_init
CVE-2024-36979 — kernel: net: bridge: mst: fix vlan use-after-free
CVE-2024-38559 — kernel: scsi: qedf: Ensure the copied buf is NUL terminated
CVE-2024-38619 — kernel: usb-storage: alauda: Check whether the media is initialized
CVE-2024-40927 — kernel: xhci: Handle TD clearing for multiple streams case
CVE-2024-40936 — kernel: cxl/region: Fix memregion leaks in devm_cxl_add_region()
CVE-2024-41040 — kernel: net/sched: Fix UAF when resolving a clash
CVE-2024-41044 — kernel: ppp: reject claimed-as-LCP but actually malformed packets
CVE-2024-41055 — kernel: mm: prevent derefencing NULL ptr in pfn_section_valid()
CVE-2024-41073 — kernel: nvme: avoid double free special payload
CVE-2024-41096 — kernel: PCI/MSI: Fix UAF in msi_capability_init
CVE-2024-42082 — kernel: xdp: Remove WARN() from __xdp_reg_mem_model()
CVE-2024-42096 — kernel: x86: stop playing stack games in profile_pc()
CVE-2024-42102 — kernel: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again"
CVE-2024-42131 — kernel: mm: avoid overflows in dirty throttling logic

🔗 References (30)