ALT-PU-2024-17575-1
Package kernel-image-std-def updated to version 5.10.208-alt1 for branch p10 in task 338248.
Closed vulnerabilities
BDU:2024-00474
Уязвимость функции nf_tables_newtable() ядра операционных систем Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
BDU:2024-00674
Уязвимость функции tls_sw_sendmsg_splice (/net/tls/tls_sw.c) ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии
Modified: 2025-03-20
CVE-2023-6040
An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access.
- http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html
- http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html
- http://www.openwall.com/lists/oss-security/2024/01/12/1
- http://www.openwall.com/lists/oss-security/2024/01/12/1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6040
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6040
- https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
- https://www.openwall.com/lists/oss-security/2024/01/12/1
- https://www.openwall.com/lists/oss-security/2024/01/12/1
Modified: 2024-11-25
CVE-2024-0646
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system.
- RHSA-2024:0723
- RHSA-2024:0724
- RHSA-2024:0725
- RHSA-2024:0850
- RHSA-2024:0851
- RHSA-2024:0876
- RHSA-2024:0881
- RHSA-2024:0897
- RHSA-2024:1248
- RHSA-2024:1250
- RHSA-2024:1251
- RHSA-2024:1253
- RHSA-2024:1268
- RHSA-2024:1269
- RHSA-2024:1278
- RHSA-2024:1306
- RHSA-2024:1367
- RHSA-2024:1368
- RHSA-2024:1377
- RHSA-2024:1382
- RHSA-2024:1404
- RHSA-2024:2094
- https://access.redhat.com/security/cve/CVE-2024-0646
- RHBZ#2253908
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5a595000e267
- https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
- RHSA-2024:0723
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5a595000e267
- RHBZ#2253908
- https://access.redhat.com/security/cve/CVE-2024-0646
- RHSA-2024:2094
- RHSA-2024:1404
- RHSA-2024:1382
- RHSA-2024:1377
- RHSA-2024:1368
- RHSA-2024:1367
- RHSA-2024:1306
- RHSA-2024:1278
- RHSA-2024:1269
- RHSA-2024:1268
- RHSA-2024:1253
- RHSA-2024:1251
- RHSA-2024:1250
- RHSA-2024:1248
- RHSA-2024:0897
- RHSA-2024:0881
- RHSA-2024:0876
- RHSA-2024:0851
- RHSA-2024:0850
- RHSA-2024:0725
- RHSA-2024:0724