RHSA-2024:7000 - Security Advisory

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):

CVE-2023-6040 CVE-2024-26595 CVE-2024-26600 CVE-2021-46984 CVE-2023-52478 CVE-2023-52476 CVE-2023-52522 CVE-2021-47101 CVE-2021-47097 CVE-2023-52605 CVE-2024-26638 CVE-2024-26645 CVE-2024-26665 CVE-2024-26720 CVE-2024-26717 CVE-2024-26769 CVE-2024-26846 CVE-2024-26894 CVE-2024-26880 CVE-2024-26855 CVE-2024-26923 CVE-2024-26939 CVE-2024-27013 CVE-2024-27042 CVE-2024-35809 CVE-2023-52683 CVE-2024-35884 CVE-2024-35877 CVE-2024-35944 CVE-2024-35989 CVE-2021-47412 CVE-2021-47393 CVE-2021-47386 CVE-2021-47385 CVE-2021-47384 CVE-2021-47383 CVE-2021-47432 CVE-2021-47352 CVE-2021-47338 CVE-2021-47321 CVE-2021-47289 CVE-2021-47287 CVE-2023-52798 CVE-2023-52809 CVE-2023-52817 CVE-2023-52840 CVE-2023-52800 CVE-2021-47441 CVE-2021-47466 CVE-2021-47455 CVE-2021-47497 CVE-2021-47560 CVE-2021-47527 CVE-2024-36883 CVE-2024-36922 CVE-2024-36920 CVE-2024-36902 CVE-2024-36953 CVE-2024-36939 CVE-2024-36919 CVE-2024-36901 CVE-2021-47582 CVE-2021-47609 CVE-2024-38619 CVE-2022-48754 CVE-2022-48760 CVE-2024-38581 CVE-2024-38579 CVE-2024-38570 CVE-2024-38559 CVE-2024-38558 CVE-2024-37356 CVE-2024-39471 CVE-2024-39499 CVE-2024-39501 CVE-2024-39506 CVE-2024-40904 CVE-2024-40911 CVE-2024-40912 CVE-2024-40929 CVE-2024-40931 CVE-2024-40941 CVE-2024-40954 CVE-2024-40958 CVE-2024-40959 CVE-2024-40960 CVE-2024-40972 CVE-2024-40977 CVE-2024-40978 CVE-2024-40988 CVE-2024-40989 CVE-2024-40995 CVE-2024-40997 CVE-2024-40998 CVE-2024-41005 CVE-2024-40901 CVE-2024-41007 CVE-2024-41008 CVE-2022-48804 CVE-2022-48836 CVE-2022-48866 CVE-2024-41090 CVE-2024-41091 CVE-2024-41012 CVE-2024-41013 CVE-2024-41014 CVE-2024-41023 CVE-2024-41035 CVE-2024-41038 CVE-2024-41039 CVE-2024-41040 CVE-2024-41041 CVE-2024-41044 CVE-2024-41055 CVE-2024-41056 CVE-2024-41060 CVE-2024-41064 CVE-2024-41065 CVE-2024-41071 CVE-2024-41076 CVE-2024-41097 CVE-2024-42084 CVE-2024-42090 CVE-2024-42094 CVE-2024-42096 CVE-2024-42114 CVE-2024-42124 CVE-2024-42131 CVE-2024-42152 CVE-2024-42154 CVE-2024-42225 CVE-2024-42226 CVE-2024-42228 CVE-2024-42237 CVE-2024-42238 CVE-2024-42240 CVE-2024-42246 CVE-2024-42322 CVE-2024-43830 CVE-2024-43871 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

• Red Hat Enterprise Linux for x86_64 8 x86_64
• Red Hat Enterprise Linux for IBM z Systems 8 s390x
• Red Hat Enterprise Linux for Power, little endian 8 ppc64le
• Red Hat Enterprise Linux for ARM 64 8 aarch64
• Red Hat CodeReady Linux Builder for x86_64 8 x86_64
• Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
• Red Hat CodeReady Linux Builder for ARM 64 8 aarch64

Fixes

• BZ - 2258012 - CVE-2022-48619 kernel: event code falling outside of a bitmap in input_set_capability() leads to panic
• BZ - 2258013 - CVE-2023-6040 kernel: netfilter: nf_tables: out-of-bounds access in nf_tables_newtable()
• BZ - 2260038 - CVE-2024-23848 kernel: use-after-free in cec_queue_msg_fh
• BZ - 2265799 - CVE-2024-26595 kernel: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path
• BZ - 2265838 - CVE-2024-26600 kernel: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP
• BZ - 2266358 - CVE-2023-52470 kernel: null-ptr-deref in alloc_workqueue
• BZ - 2266750 - CVE-2021-46984 kernel: kyber: fix out of bounds access when preempted
• BZ - 2267036 - CVE-2023-52478 kernel: HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect
• BZ - 2267041 - CVE-2023-52476 kernel: perf/x86/lbr: Filter vsyscall addresses
• BZ - 2267795 - CVE-2023-52522 kernel: net: fix possible store tearing in neigh_periodic_work()
• BZ - 2267916 - CVE-2021-47101 kernel: asix: fix uninit-value in asix_mdio_read()
• BZ - 2267925 - CVE-2021-47097 kernel: Input: elantech - fix stack out of bound access in elantech_change_report_id()
• BZ - 2268295 - CVE-2023-52605 kernel: ACPI: extlog: fix NULL pointer dereference check
• BZ - 2270103 - CVE-2024-26638 kernel: nbd: always initialize struct msghdr completely
• BZ - 2271648 - CVE-2024-26645 kernel: tracing: Ensure visibility when inserting an element into tracing_map
• BZ - 2271796 - CVE-2024-26649 kernel: null pointer when load rlc firmware
• BZ - 2272793 - CVE-2024-26665 kernel: tunnels: fix out of bounds access when building IPv6 PMTU error
• BZ - 2273141 - CVE-2024-26720 kernel: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again
• BZ - 2273148 - CVE-2024-26717 kernel: HID: i2c-hid-of: fix NULL-deref on failed power up
• BZ - 2273180 - CVE-2024-26769 kernel: nvmet-fc: avoid deadlock on delete association path
• BZ - 2275558 - CVE-2024-26846 kernel: nvme-fc: do not wait in vain when unloading module
• BZ - 2275661 - CVE-2024-26894 kernel: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()
• BZ - 2275690 - CVE-2024-26880 kernel: dm: call the resume method on internal suspend
• BZ - 2275742 - CVE-2024-26855 kernel: net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()
• BZ - 2277171 - CVE-2024-26923 kernel: af_unix: Fix garbage collector racing against connect()
• BZ - 2278220 - CVE-2024-26939 kernel: drm/i915/vma: Fix UAF on destroy against retire race
• BZ - 2278270 - CVE-2024-27013 kernel: tun: limit printing rate when illegal packet received by tun dev
• BZ - 2278447 - CVE-2024-27042 kernel: drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()'
• BZ - 2281217 - CVE-2024-35809 kernel: PCI/PM: Drain runtime-idle callbacks before driver removal
• BZ - 2281317 - CVE-2023-52683 kernel: ACPI: LPIT: Avoid u32 multiplication overflow
• BZ - 2281704 - CVE-2024-35884 kernel: udp: do not accept non-tunnel GSO skbs landing in a tunnel
• BZ - 2281720 - CVE-2024-35877 kernel: x86/mm/pat: fix VM_PAT handling in COW mappings
• BZ - 2281807 - CVE-2024-35944 kernel: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
• BZ - 2281847 - CVE-2024-35989 kernel: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms
• BZ - 2282324 - CVE-2021-47412 kernel: block: don't call rq_qos_ops->done_bio if the bio isn't tracked
• BZ - 2282345 - CVE-2021-47393 kernel: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs
• BZ - 2282354 - CVE-2021-47386 kernel: hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field
• BZ - 2282355 - CVE-2021-47385 kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field
• BZ - 2282356 - CVE-2021-47384 kernel: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field
• BZ - 2282357 - CVE-2021-47383 kernel: tty: Fix out-of-bound vmalloc access in imageblit
• BZ - 2282366 - CVE-2021-47432 kernel: lib/generic-radix-tree.c: Don't overflow in peek()
• BZ - 2282401 - CVE-2021-47352 kernel: virtio-net: Add validation for used length
• BZ - 2282422 - CVE-2021-47338 kernel: fbmem: Do not delete the mode that is still in use
• BZ - 2282440 - CVE-2021-47321 kernel: watchdog: Fix possible use-after-free by calling del_timer_sync()
• BZ - 2282508 - CVE-2021-47289 kernel: ACPI: fix NULL pointer dereference
• BZ - 2282511 - CVE-2021-47287 kernel: driver core: auxiliary bus: Fix memory leak when driver_register() fail
• BZ - 2282648 - CVE-2023-52798 kernel: wifi: ath11k: fix dfs radar event locking
• BZ - 2282669 - CVE-2023-52809 kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()
• BZ - 2282676 - CVE-2023-52817 kernel: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL
• BZ - 2282757 - CVE-2023-52840 kernel: Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()
• BZ - 2282764 - CVE-2023-52800 kernel: wifi: ath11k: fix htt pktlog locking
• BZ - 2282851 - CVE-2021-47441 kernel: mlxsw: thermal: Fix out-of-bounds memory accesses
• BZ - 2282890 - CVE-2021-47466 kernel: mm, slub: fix potential memoryleak in kmem_cache_open()
• BZ - 2282903 - CVE-2021-47455 kernel: ptp: Fix possible memory leak in ptp_clock_register()
• BZ - 2282918 - CVE-2021-47497 kernel: nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
• BZ - 2283389 - CVE-2021-47560 kernel: mlxsw: spectrum: Protect driver from buggy firmware
• BZ - 2283424 - CVE-2021-47527 kernel: serial: core: fix transmit-buffer reset and memleak
• BZ - 2284271 - CVE-2024-36883 kernel: net: fix out-of-bounds access in ops_init
• BZ - 2284511 - CVE-2024-36922 kernel: wifi: iwlwifi: read txq->read_ptr under lock
• BZ - 2284515 - CVE-2024-36920 kernel: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING
• BZ - 2284545 - CVE-2024-36902 kernel: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()
• BZ - 2284596 - CVE-2024-36953 kernel: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
• BZ - 2284628 - CVE-2024-36939 kernel: nfs: Handle error of rpc_proc_register() in nfs_net_init().
• BZ - 2284630 - CVE-2024-36919 kernel: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload
• BZ - 2284634 - CVE-2024-36901 kernel: ipv6: prevent NULL dereference in ip6_output()
• BZ - 2293247 - CVE-2021-47582 kernel: USB: core: Make do_proc_control() and do_proc_bulk() killable
• BZ - 2293270 - CVE-2021-47609 kernel: firmware: arm_scpi: Fix string overflow in SCPI genpd driver
• BZ - 2293273 - CVE-2024-38619 kernel: usb-storage: alauda: Check whether the media is initialized
• BZ - 2293304 - CVE-2022-48754 kernel: phylib: fix potential use-after-free
• BZ - 2293377 - CVE-2022-48760 kernel: USB: core: Fix hang in usb_kill_urb by adding memory barriers
• BZ - 2293408 - CVE-2024-38581 kernel: drm/amdgpu/mes: fix use-after-free issue
• BZ - 2293414 - CVE-2024-38579 kernel: crypto: bcm - Fix pointer arithmetic
• BZ - 2293423 - CVE-2024-38570 kernel: gfs2: Fix potential glock use-after-free on unmount
• BZ - 2293440 - CVE-2024-38559 kernel: scsi: qedf: Ensure the copied buf is NUL terminated
• BZ - 2293441 - CVE-2024-38558 kernel: net: openvswitch: fix overwriting ct original tuple for ICMPv6
• BZ - 2293658 - CVE-2024-37356 kernel: tcp: Fix shift-out-of-bounds in dctcp_update_alpha().
• BZ - 2294313 - CVE-2024-39471 kernel: drm/amdgpu: add error handle to avoid out-of-bounds
• BZ - 2297471 - CVE-2024-39499 kernel: vmci: prevent speculation leaks by sanitizing event in event_deliver()
• BZ - 2297473 - CVE-2024-39501 kernel: drivers: core: synchronize really_probe() and dev_uevent()
• BZ - 2297478 - CVE-2024-39506 kernel: liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet
• BZ - 2297488 - CVE-2024-40904 kernel: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages
• BZ - 2297495 - CVE-2024-40911 kernel: wifi: cfg80211: Lock wiphy in cfg80211_get_station
• BZ - 2297496 - CVE-2024-40912 kernel: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup()
• BZ - 2297513 - CVE-2024-40929 kernel: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids
• BZ - 2297515 - CVE-2024-40931 kernel: mptcp: ensure snd_una is properly initialized on connect
• BZ - 2297525 - CVE-2024-40941 kernel: wifi: iwlwifi: mvm: don't read past the mfuart notifcation
• BZ - 2297538 - CVE-2024-40954 kernel: net: do not leave a dangling sk pointer, when socket creation fails
• BZ - 2297542 - CVE-2024-40958 kernel: netns: Make get_net_ns() handle zero refcount net
• BZ - 2297543 - CVE-2024-40959 kernel: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()
• BZ - 2297544 - CVE-2024-40960 kernel: ipv6: prevent possible NULL dereference in rt6_probe()
• BZ - 2297556 - CVE-2024-40972 kernel: ext4: do not create EA inode under buffer lock
• BZ - 2297561 - CVE-2024-40977 kernel: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery
• BZ - 2297562 - CVE-2024-40978 kernel: scsi: qedi: Fix crash while reading debugfs attribute
• BZ - 2297572 - CVE-2024-40988 kernel: drm/radeon: fix UBSAN warning in kv_dpm.c
• BZ - 2297573 - CVE-2024-40989 kernel: KVM: arm64: Disassociate vcpus from redistributor region on teardown
• BZ - 2297579 - CVE-2024-40995 kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
• BZ - 2297581 - CVE-2024-40997 kernel: cpufreq: amd-pstate: fix memory leak on CPU EPP exit
• BZ - 2297582 - CVE-2024-40998 kernel: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()
• BZ - 2297589 - CVE-2024-41005 kernel: netpoll: Fix race condition in netpoll_owner_active
• BZ - 2297706 - CVE-2024-40901 kernel: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory
• BZ - 2297909 - CVE-2024-41007 kernel: tcp: avoid too many retransmit packets
• BZ - 2298079 - CVE-2024-41008 kernel: drm/amdgpu: change vm->task_info handling
• BZ - 2298140 - CVE-2022-48804 kernel: vt_ioctl: fix array_index_nospec in vt_setactivate
• BZ - 2298177 - CVE-2022-48836 kernel: Input: aiptek - properly check endpoint type
• BZ - 2298640 - CVE-2022-48866 kernel: HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts
• BZ - 2299240 - CVE-2024-41090 kernel: virtio-net: tap: mlx5_core short frame denial of service
• BZ - 2299336 - CVE-2024-41091 kernel: virtio-net: tun: mlx5_core short frame denial of service
• BZ - 2299452 - CVE-2024-41012 kernel: filelock: Remove locks reliably when fcntl/close race is detected
• BZ - 2300296 - CVE-2024-41013 kernel: xfs: don't walk off the end of a directory data block
• BZ - 2300297 - CVE-2024-41014 kernel: xfs: add bounds checking to xlog_recover_process_data
• BZ - 2300381 - CVE-2024-41023 kernel: sched/deadline: Fix task_struct reference leak
• BZ - 2300402 - CVE-2024-41035 kernel: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor
• BZ - 2300407 - CVE-2024-41038 kernel: firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers
• BZ - 2300408 - CVE-2024-41039 kernel: firmware: cs_dsp: Fix overflow checking of wmfw header
• BZ - 2300409 - CVE-2024-41040 kernel: net/sched: Fix UAF when resolving a clash
• BZ - 2300410 - CVE-2024-41041 kernel: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port()
• BZ - 2300414 - CVE-2024-41044 kernel: ppp: reject claimed-as-LCP but actually malformed packets
• BZ - 2300429 - CVE-2024-41055 kernel: mm: prevent derefencing NULL ptr in pfn_section_valid()
• BZ - 2300430 - CVE-2024-41056 kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files
• BZ - 2300434 - CVE-2024-41060 kernel: drm/radeon: check bo_va->bo is non-NULL before using it
• BZ - 2300439 - CVE-2024-41064 kernel: powerpc/eeh: avoid possible crash when edev->pdev changes
• BZ - 2300440 - CVE-2024-41065 kernel: powerpc/pseries: Whitelist dtl slub object for copying to userspace
• BZ - 2300448 - CVE-2024-41071 kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing
• BZ - 2300453 - CVE-2024-41076 kernel: NFSv4: Fix memory leak in nfs4_set_security_label
• BZ - 2300492 - CVE-2024-41097 kernel: usb: atm: cxacru: fix endpoint checking in cxacru_bind()
• BZ - 2300533 - CVE-2024-42084 kernel: ftruncate: pass a signed offset
• BZ - 2300552 - CVE-2024-42090 kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER
• BZ - 2300709 - CVE-2024-42094 kernel: net/iucv: Avoid explicit cpumask var allocation on stack
• BZ - 2300713 - CVE-2024-42096 kernel: x86: stop playing stack games in profile_pc()
• BZ - 2301477 - CVE-2024-42114 kernel: wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values
• BZ - 2301489 - CVE-2024-42124 kernel: scsi: qedf: Make qedf_execute_tmf() non-preemptible
• BZ - 2301496 - CVE-2024-42131 kernel: mm: avoid overflows in dirty throttling logic
• BZ - 2301519 - CVE-2024-42152 kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment
• BZ - 2301522 - CVE-2024-42154 kernel: tcp_metrics: validate source addr length
• BZ - 2301543 - CVE-2024-42225 kernel: wifi: mt76: replace skb_put with skb_put_zero
• BZ - 2301544 - CVE-2024-42226 kernel: usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB
• BZ - 2303077 - CVE-2024-42228 kernel: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc
• RHEL-31515 - nfsd: crash while testing a lock on a re-exported nfs v3 mount simultaneously from local system and client

CVEs

• CVE-2021-46984
• CVE-2021-47097
• CVE-2021-47101
• CVE-2021-47287
• CVE-2021-47289
• CVE-2021-47321
• CVE-2021-47338
• CVE-2021-47352
• CVE-2021-47383
• CVE-2021-47384
• CVE-2021-47385
• CVE-2021-47386
• CVE-2021-47393
• CVE-2021-47412
• CVE-2021-47432
• CVE-2021-47441
• CVE-2021-47455
• CVE-2021-47466
• CVE-2021-47497
• CVE-2021-47527
• CVE-2021-47560
• CVE-2021-47582
• CVE-2021-47609
• CVE-2022-48619
• CVE-2022-48754
• CVE-2022-48760
• CVE-2022-48804
• CVE-2022-48836
• CVE-2022-48866
• CVE-2022-49226
• CVE-2022-49316
• CVE-2023-6040
• CVE-2023-52470
• CVE-2023-52476
• CVE-2023-52478
• CVE-2023-52522
• CVE-2023-52605
• CVE-2023-52683
• CVE-2023-52798
• CVE-2023-52800
• CVE-2023-52809
• CVE-2023-52817
• CVE-2023-52840
• CVE-2024-23848
• CVE-2024-26595
• CVE-2024-26600
• CVE-2024-26638
• CVE-2024-26645
• CVE-2024-26649
• CVE-2024-26665
• CVE-2024-26717
• CVE-2024-26720
• CVE-2024-26769
• CVE-2024-26846
• CVE-2024-26855
• CVE-2024-26880
• CVE-2024-26894
• CVE-2024-26923
• CVE-2024-26939
• CVE-2024-27013
• CVE-2024-27042
• CVE-2024-35809
• CVE-2024-35877
• CVE-2024-35884
• CVE-2024-35944
• CVE-2024-35989
• CVE-2024-36883
• CVE-2024-36901
• CVE-2024-36902
• CVE-2024-36919
• CVE-2024-36920
• CVE-2024-36922
• CVE-2024-36939
• CVE-2024-36953
• CVE-2024-37356
• CVE-2024-38558
• CVE-2024-38559
• CVE-2024-38570
• CVE-2024-38579
• CVE-2024-38581
• CVE-2024-38619
• CVE-2024-39471
• CVE-2024-39499
• CVE-2024-39501
• CVE-2024-39506
• CVE-2024-40901
• CVE-2024-40904
• CVE-2024-40911
• CVE-2024-40912
• CVE-2024-40929
• CVE-2024-40931
• CVE-2024-40941
• CVE-2024-40954
• CVE-2024-40958
• CVE-2024-40959
• CVE-2024-40960
• CVE-2024-40972
• CVE-2024-40977
• CVE-2024-40978
• CVE-2024-40988
• CVE-2024-40989
• CVE-2024-40995
• CVE-2024-40997
• CVE-2024-40998
• CVE-2024-41005
• CVE-2024-41007
• CVE-2024-41008
• CVE-2024-41012
• CVE-2024-41013
• CVE-2024-41014
• CVE-2024-41023
• CVE-2024-41035
• CVE-2024-41038
• CVE-2024-41039
• CVE-2024-41040
• CVE-2024-41041
• CVE-2024-41044
• CVE-2024-41055
• CVE-2024-41056
• CVE-2024-41060
• CVE-2024-41064
• CVE-2024-41065
• CVE-2024-41071
• CVE-2024-41076
• CVE-2024-41090
• CVE-2024-41091
• CVE-2024-41097
• CVE-2024-42084
• CVE-2024-42090
• CVE-2024-42094
• CVE-2024-42096
• CVE-2024-42114
• CVE-2024-42124
• CVE-2024-42131
• CVE-2024-42152
• CVE-2024-42154
• CVE-2024-42225
• CVE-2024-42226
• CVE-2024-42228
• CVE-2024-42237
• CVE-2024-42238
• CVE-2024-42240
• CVE-2024-42246
• CVE-2024-42265
• CVE-2024-42322
• CVE-2024-43830
• CVE-2024-43871
• CVE-2024-45026

References

• https://access.redhat.com/security/updates/classification/#important