{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "pfifo_tail_enqueue: Drop new packet when sch->limit == 0 {CVE-2025-21702}\n- xfs: add bounds checking to xlog_recover_process_data {CVE-2024-41014}\n- netfilter: validate user input for expected length {CVE-2024-35896}\n- nfs: fix UAF in direct writes {CVE-2024-26958}\n- Squashfs: check the inode number is not the invalid value of zero {CVE-2024-26982}\n- RDMA/srpt: Do not register event handler until srpt device is fully setup {CVE-2024-26872}", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/rhel7els/advisories/2025/clsa-2025_1750353839.json" }, { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2025:1750353839", "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1750353839" } ], "tracking": { "current_release_date": "2025-06-19T17:45:26Z", "generator": { "date": "2025-06-19T17:45:26Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2025:1750353839", "initial_release_date": "2025-06-19T17:45:26Z", "revision_history": [ { "date": "2025-06-19T17:45:26Z", "number": "1", "summary": "Initial version" } ], "status": "final", "version": "1" }, "title": "kernel: Fix of 6 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux 7", "product": { "name": "Red Hat Enterprise Linux 7", "product_id": "Red-Hat-7", "product_identification_helper": { "cpe": "cpe:2.3:o:redhat:enterprise_linux:7:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" } ], "category": "vendor", "name": "Red Hat, Inc." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product": { "name": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_id": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools-libs-devel@3.10.0-1160.119.1.el7.tuxcare.els21?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product": { "name": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_id": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug-devel@3.10.0-1160.119.1.el7.tuxcare.els21?arch=x86_64" } } }, { "category": "product_version", "name": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product": { "name": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_id": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/python-perf@3.10.0-1160.119.1.el7.tuxcare.els21?arch=x86_64" } } }, { "category": "product_version", "name": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product": { "name": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_id": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/perf@3.10.0-1160.119.1.el7.tuxcare.els21?arch=x86_64" } } }, { "category": "product_version", "name": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product": { "name": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_id": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/bpftool@3.10.0-1160.119.1.el7.tuxcare.els21?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product": { "name": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_id": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools-libs@3.10.0-1160.119.1.el7.tuxcare.els21?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product": { "name": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_id": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-devel@3.10.0-1160.119.1.el7.tuxcare.els21?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product": { "name": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_id": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel@3.10.0-1160.119.1.el7.tuxcare.els21?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product": { "name": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_id": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug@3.10.0-1160.119.1.el7.tuxcare.els21?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product": { "name": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_id": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-headers@3.10.0-1160.119.1.el7.tuxcare.els21?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64 as a component of Red Hat Enterprise Linux 7", "product_id": "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" }, "product_reference": "kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "relates_to_product_reference": "Red-Hat-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64 as a component of Red Hat Enterprise Linux 7", "product_id": "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" }, "product_reference": "kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "relates_to_product_reference": "Red-Hat-7" }, { "category": "default_component_of", "full_product_name": { "name": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64 as a component of Red Hat Enterprise Linux 7", "product_id": "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" }, "product_reference": "python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "relates_to_product_reference": "Red-Hat-7" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64 as a component of Red Hat Enterprise Linux 7", "product_id": "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" }, "product_reference": "perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "relates_to_product_reference": "Red-Hat-7" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64 as a component of Red Hat Enterprise Linux 7", "product_id": "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" }, "product_reference": "bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "relates_to_product_reference": "Red-Hat-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64 as a component of Red Hat Enterprise Linux 7", "product_id": "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" }, "product_reference": "kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "relates_to_product_reference": "Red-Hat-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64 as a component of Red Hat Enterprise Linux 7", "product_id": "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" }, "product_reference": "kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "relates_to_product_reference": "Red-Hat-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64 as a component of Red Hat Enterprise Linux 7", "product_id": "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" }, "product_reference": "kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "relates_to_product_reference": "Red-Hat-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64 as a component of Red Hat Enterprise Linux 7", "product_id": "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" }, "product_reference": "kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "relates_to_product_reference": "Red-Hat-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64 as a component of Red Hat Enterprise Linux 7", "product_id": "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" }, "product_reference": "kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "relates_to_product_reference": "Red-Hat-7" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-51779", "notes": [ { "category": "description", "text": "bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-51779" } ], "release_date": "2023-12-25T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2024-36883", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nnet: fix out-of-bounds access in ops_init\nnet_alloc_generic is called by net_alloc, which is called without any\nlocking. It reads max_gen_ptrs, which is changed under pernet_ops_rwsem. It\nis read twice, first to allocate an array, then to set s.len, which is\nlater used to limit the bounds of the array access.\nIt is possible that the array is allocated and another thread is\nregistering a new pernet ops, increments max_gen_ptrs, which is then used\nto set s.len with a larger than allocated length for the variable array.\nFix it by reading max_gen_ptrs only once in net_alloc_generic. If\nmax_gen_ptrs is later incremented, it will be caught in net_assign_generic.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-36883" } ], "release_date": "2024-05-30T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2024-39487", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()\n\nIn function bond_option_arp_ip_targets_set(), if newval->string is an\nempty string, newval->string+1 will point to the byte after the\nstring, causing an out-of-bound read.\n\nBUG: KASAN: slab-out-of-bounds in strlen+0x7d/0xa0 lib/string.c:418\nRead of size 1 at addr ffff8881119c4781 by task syz-executor665/8107\nCPU: 1 PID: 8107 Comm: syz-executor665 Not tainted 6.7.0-rc7 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd9/0x150 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:364 [inline]\n print_report+0xc1/0x5e0 mm/kasan/report.c:475\n kasan_report+0xbe/0xf0 mm/kasan/report.c:588\n strlen+0x7d/0xa0 lib/string.c:418\n __fortify_strlen include/linux/fortify-string.h:210 [inline]\n in4_pton+0xa3/0x3f0 net/core/utils.c:130\n bond_option_arp_ip_targets_set+0xc2/0x910\ndrivers/net/bonding/bond_options.c:1201\n __bond_opt_set+0x2a4/0x1030 drivers/net/bonding/bond_options.c:767\n __bond_opt_set_notify+0x48/0x150 drivers/net/bonding/bond_options.c:792\n bond_opt_tryset_rtnl+0xda/0x160 drivers/net/bonding/bond_options.c:817\n bonding_sysfs_store_option+0xa1/0x120 drivers/net/bonding/bond_sysfs.c:156\n dev_attr_store+0x54/0x80 drivers/base/core.c:2366\n sysfs_kf_write+0x114/0x170 fs/sysfs/file.c:136\n kernfs_fop_write_iter+0x337/0x500 fs/kernfs/file.c:334\n call_write_iter include/linux/fs.h:2020 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x96a/0xd80 fs/read_write.c:584\n ksys_write+0x122/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x40/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n---[ end trace ]---\n\nFix it by adding a check of string length before using it.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-39487" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6a8a4fd082c439e19fede027e80c79bc4c84bb8e", "url": "https://git.kernel.org/stable/c/6a8a4fd082c439e19fede027e80c79bc4c84bb8e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6b21346b399fd1336fe59233a17eb5ce73041ee1", "url": "https://git.kernel.org/stable/c/6b21346b399fd1336fe59233a17eb5ce73041ee1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/707c85ba3527ad6aa25552033576b0f1ff835d7b", "url": "https://git.kernel.org/stable/c/707c85ba3527ad6aa25552033576b0f1ff835d7b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9f835e48bd4c75fdf6a9cff3f0b806a7abde78da", "url": "https://git.kernel.org/stable/c/9f835e48bd4c75fdf6a9cff3f0b806a7abde78da" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b75e33eae8667084bd4a63e67657c6a5a0f8d1e8", "url": "https://git.kernel.org/stable/c/b75e33eae8667084bd4a63e67657c6a5a0f8d1e8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bfd14e5915c2669f292a31d028e75dcd82f1e7e9", "url": "https://git.kernel.org/stable/c/bfd14e5915c2669f292a31d028e75dcd82f1e7e9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c8eb8ab9a44ff0e73492d0a12a643c449f641a9f", "url": "https://git.kernel.org/stable/c/c8eb8ab9a44ff0e73492d0a12a643c449f641a9f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e271ff53807e8f2c628758290f0e499dbe51cb3d", "url": "https://git.kernel.org/stable/c/e271ff53807e8f2c628758290f0e499dbe51cb3d" } ], "release_date": "2024-07-09T10:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2024-41071", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "An out-of-bounds buffer overflow has been found in the Linux kernel’s mac80211 subsystem when scanning for SSIDs. Address calculation using out-of-bounds array indexing could result in an attacker crafting an exploit, resulting in the complete compromise of a system.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-41071" } ], "release_date": "2024-07-29T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2024-49967", "cwe": { "id": "CWE-99", "name": "Improper Control of Resource Identifiers ('Resource Injection')" }, "notes": [ { "category": "description", "text": "[REJECTED CVE] In the Linux kernel, the following vulnerability has been resolved:\next4: no need to continue when the number of entries is 1\nThe Linux kernel CVE team has assigned CVE-2024-49967 to this issue.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-49967" } ], "release_date": "2024-10-21T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2023-52885", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix UAF in svc_tcp_listen_data_ready()\n\nAfter the listener svc_sock is freed, and before invoking svc_tcp_accept()\nfor the established child sock, there is a window that the newsock\nretaining a freed listener svc_sock in sk_user_data which cloning from\nparent. In the race window, if data is received on the newsock, we will\nobserve use-after-free report in svc_tcp_listen_data_ready().\n\nReproduce by two tasks:\n\n1. while :; do rpc.nfsd 0 ; rpc.nfsd; done\n2. while :; do echo \"\" | ncat -4 127.0.0.1 2049 ; done\n\nKASAN report:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in svc_tcp_listen_data_ready+0x1cf/0x1f0 [sunrpc]\n Read of size 8 at addr ffff888139d96228 by task nc/102553\n CPU: 7 PID: 102553 Comm: nc Not tainted 6.3.0+ #18\n Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\n Call Trace:\n \n dump_stack_lvl+0x33/0x50\n print_address_description.constprop.0+0x27/0x310\n print_report+0x3e/0x70\n kasan_report+0xae/0xe0\n svc_tcp_listen_data_ready+0x1cf/0x1f0 [sunrpc]\n tcp_data_queue+0x9f4/0x20e0\n tcp_rcv_established+0x666/0x1f60\n tcp_v4_do_rcv+0x51c/0x850\n tcp_v4_rcv+0x23fc/0x2e80\n ip_protocol_deliver_rcu+0x62/0x300\n ip_local_deliver_finish+0x267/0x350\n ip_local_deliver+0x18b/0x2d0\n ip_rcv+0x2fb/0x370\n __netif_receive_skb_one_core+0x166/0x1b0\n process_backlog+0x24c/0x5e0\n __napi_poll+0xa2/0x500\n net_rx_action+0x854/0xc90\n __do_softirq+0x1bb/0x5de\n do_softirq+0xcb/0x100\n \n \n ...\n \n\n Allocated by task 102371:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n __kasan_kmalloc+0x7b/0x90\n svc_setup_socket+0x52/0x4f0 [sunrpc]\n svc_addsock+0x20d/0x400 [sunrpc]\n __write_ports_addfd+0x209/0x390 [nfsd]\n write_ports+0x239/0x2c0 [nfsd]\n nfsctl_transaction_write+0xac/0x110 [nfsd]\n vfs_write+0x1c3/0xae0\n ksys_write+0xed/0x1c0\n do_syscall_64+0x38/0x90\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\n Freed by task 102551:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n kasan_save_free_info+0x2a/0x50\n __kasan_slab_free+0x106/0x190\n __kmem_cache_free+0x133/0x270\n svc_xprt_free+0x1e2/0x350 [sunrpc]\n svc_xprt_destroy_all+0x25a/0x440 [sunrpc]\n nfsd_put+0x125/0x240 [nfsd]\n nfsd_svc+0x2cb/0x3c0 [nfsd]\n write_threads+0x1ac/0x2a0 [nfsd]\n nfsctl_transaction_write+0xac/0x110 [nfsd]\n vfs_write+0x1c3/0xae0\n ksys_write+0xed/0x1c0\n do_syscall_64+0x38/0x90\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\nFix the UAF by simply doing nothing in svc_tcp_listen_data_ready()\nif state != TCP_LISTEN, that will avoid dereferencing svsk for all\nchild socket.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-52885" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/42725e5c1b181b757ba11d804443922982334d9b", "url": "https://git.kernel.org/stable/c/42725e5c1b181b757ba11d804443922982334d9b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7e1f989055622fd086c5dfb291fc72adf5660b6f", "url": "https://git.kernel.org/stable/c/7e1f989055622fd086c5dfb291fc72adf5660b6f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c7b8c2d06e437639694abe76978e915cfb73f428", "url": "https://git.kernel.org/stable/c/c7b8c2d06e437639694abe76978e915cfb73f428" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cd5ec3ee52ce4b7e283cc11facfa420c297c8065", "url": "https://git.kernel.org/stable/c/cd5ec3ee52ce4b7e283cc11facfa420c297c8065" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dfc896c4a75cb8cd7cb2dfd9b469cf1e3f004254", "url": "https://git.kernel.org/stable/c/dfc896c4a75cb8cd7cb2dfd9b469cf1e3f004254" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ef047411887ff0845afd642d6a687819308e1a4e", "url": "https://git.kernel.org/stable/c/ef047411887ff0845afd642d6a687819308e1a4e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fbf4ace39b2e4f3833236afbb2336edbafd75eee", "url": "https://git.kernel.org/stable/c/fbf4ace39b2e4f3833236afbb2336edbafd75eee" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fc80fc2d4e39137869da3150ee169b40bf879287", "url": "https://git.kernel.org/stable/c/fc80fc2d4e39137869da3150ee169b40bf879287" } ], "release_date": "2024-07-14T08:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2021-30178", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "An issue was discovered in the Linux kernel through 5.11.11. synic_get in arch/x86/kvm/hyperv.c has a NULL pointer dereference for certain accesses to the SynIC Hyper-V context, aka CID-919f4ebc5987.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2021-30178" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=919f4ebc598701670e80e31573a58f1f2d2bf918", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=919f4ebc598701670e80e31573a58f1f2d2bf918" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ5GEETMX3ERQ4DF3GSS2XPNSOOK44OB/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ5GEETMX3ERQ4DF3GSS2XPNSOOK44OB/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGQDVYCDM3F5VXUZIADIV2ERL3AJXNJS/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGQDVYCDM3F5VXUZIADIV2ERL3AJXNJS/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5YFGIIF24475A2LNW3UWHW2SNCS3G7M/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5YFGIIF24475A2LNW3UWHW2SNCS3G7M/" } ], "release_date": "2021-04-07T00:15:00", "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL_ACCESS", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Medium" } ] }, { "cve": "CVE-2024-23307", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "description", "text": "Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-23307" }, { "category": "external", "summary": "https://bugzilla.openanolis.cn/show_bug.cgi?id=7975", "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=7975" } ], "release_date": "2024-01-25T07:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2021-3659", "cwe": { "id": "CWE-252", "name": "Unchecked Return Value" }, "notes": [ { "category": "description", "text": "A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2021-3659" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/CVE-2021-3659", "url": "https://access.redhat.com/security/cve/CVE-2021-3659" }, { "category": "external", "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=1975949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975949" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1165affd484889d4986cf3b724318935a0b120d8", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1165affd484889d4986cf3b724318935a0b120d8" } ], "release_date": "2022-08-22T15:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Medium" } ] }, { "cve": "CVE-2021-38160", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')" }, "notes": [ { "category": "description", "text": "In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2021-38160" }, { "category": "external", "summary": "https://access.redhat.com/security/cve/cve-2021-38160", "url": "https://access.redhat.com/security/cve/cve-2021-38160" }, { "category": "external", "summary": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4", "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4" }, { "category": "external", "summary": "https://github.com/torvalds/linux/commit/d00d8da5869a2608e97cfede094dfc5e11462a46", "url": "https://github.com/torvalds/linux/commit/d00d8da5869a2608e97cfede094dfc5e11462a46" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html", "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html", "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20210902-0010/", "url": "https://security.netapp.com/advisory/ntap-20210902-0010/" }, { "category": "external", "summary": "https://www.debian.org/security/2021/dsa-4978", "url": "https://www.debian.org/security/2021/dsa-4978" } ], "release_date": "2021-08-07T04:15:00", "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL_ACCESS", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:python-perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:perf-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:bpftool-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-devel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-debug-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64", "Red-Hat-7:kernel-headers-0:3.10.0-1160.119.1.el7.tuxcare.els21.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] } ] }