エラータID: AXSA:2024-7634:08

Release date: 
Wednesday, March 27, 2024 - 13:38
Affected Channels: 
Asianux Server 7 for x86_64

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* sched/membarrier: reduce the ability to hammer on sys_membarrier (CVE-2024-26602)
* kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c (CVE-2022-42896)
* kernel: use-after-free in sch_qfq network scheduler (CVE-2023-4921)
* kernel: IGB driver inadequate buffer size for frames larger than MTU (CVE-2023-45871)
* kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment (CVE-2023-38409)
* kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function (CVE-2024-1086)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit
An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_display arrays can be desynchronized in fbcon_mode_deleted (the con2fb_map points at the old fb_info).
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.
A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue(). We recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.
In the Linux kernel, the following vulnerability has been resolved: sched/membarrier: reduce the ability to hammer on sys_membarrier On some systems, sys_membarrier can be very expensive, causing overall slowdowns for everything. So put a lock on the path in order to serialize the accesses to prevent the ability for this to be called at too high of a frequency and saturate the machine.


Update packages.

Additional Info: 



  1. kernel-3.10.0-1160.114.2.el7.src.rpm
    MD5: a9100e6993076127a5106b2a788f9fba
    SHA-256: b878e21b0ae9db83bf43808c4527a57bbf035787678deae129c7461ee856cea8
    Size: 98.81 MB

Asianux Server 7 for x86_64
  1. bpftool-3.10.0-1160.114.2.el7.x86_64.rpm
    MD5: 6cac2b63577bf4bdefdd8440d10a8a45
    SHA-256: bd7edf331f5e8b217956ccc7e520ec1ab5c91a9edd31c6e4fc343099030a3943
    Size: 8.52 MB
  2. kernel-3.10.0-1160.114.2.el7.x86_64.rpm
    MD5: e499de640813ce58ab5fc7954231d606
    SHA-256: 243e635f6bc15b74ed5a72d5b15ed8eaac55b91438d0a766363086b520af7281
    Size: 51.69 MB
  3. kernel-abi-whitelists-3.10.0-1160.114.2.el7.noarch.rpm
    MD5: 6f9ecf795171aae8da0f3c9568b83f4f
    SHA-256: 77f820480ca8f0a6d2024420259fb70404fb56c278927aa8bb9bcfd551a243bd
    Size: 8.09 MB
  4. kernel-debug-3.10.0-1160.114.2.el7.x86_64.rpm
    MD5: 89455c212caccf3c33d8a9683db01cc0
    SHA-256: 6332ac70d6c5d5618051e82bfc2aa1cfc7e244e31005ecba19a6f526802fd8e9
    Size: 54.00 MB
  5. kernel-debug-devel-3.10.0-1160.114.2.el7.x86_64.rpm
    MD5: ba2f3112fb24c87ef4b2ba696545d8d5
    SHA-256: 8296c42ecfb635a7a2b6ea556c6e3b1dd40cb0ce7f7a70827c2c1629dd3f89a6
    Size: 18.09 MB
  6. kernel-devel-3.10.0-1160.114.2.el7.x86_64.rpm
    MD5: 9cfa2063d1c847d4d36ee355e10d8037
    SHA-256: a92d55c6204582593fb3eee3f6b52e58c4bbfcacbfd069bc1a0800e209312791
    Size: 18.02 MB
  7. kernel-doc-3.10.0-1160.114.2.el7.noarch.rpm
    MD5: ace0d98b4458ca7ee3cf500c27b4967a
    SHA-256: cf3f9566af84ac4128d4465c98b68a0425800c10de8b0df60f730cf35b0eced3
    Size: 19.57 MB
  8. kernel-headers-3.10.0-1160.114.2.el7.x86_64.rpm
    MD5: b357bdc9602823565cebf7b4b7ca6d44
    SHA-256: 1fd0351adb7f276d92047de3f19b682dc81160b0125b6f72e035b0b352a23025
    Size: 9.08 MB
  9. kernel-tools-3.10.0-1160.114.2.el7.x86_64.rpm
    MD5: 894af0d9f14c4eec06a906e064f4a44a
    SHA-256: 8f9f55247adc0dce335738c9ea563883ff00d13454247aa1cc8490c980b6a85e
    Size: 8.19 MB
  10. kernel-tools-libs-3.10.0-1160.114.2.el7.x86_64.rpm
    MD5: b5e87ec38f0452fb29e014a33d4b54a3
    SHA-256: 1905c34d315dc6d48d2ae3f779f79a109bb8e5f01ca2760485b44ad913a21c5a
    Size: 8.09 MB
  11. perf-3.10.0-1160.114.2.el7.x86_64.rpm
    MD5: 360d0f59f84d1abdf6b6eef5c0043ce1
    SHA-256: 7e8b01665b6de3fd832d4a0f099f99fed30414267f558fc4689bdd8e908e4b83
    Size: 9.73 MB
  12. python-perf-3.10.0-1160.114.2.el7.x86_64.rpm
    MD5: 5272b62c6ff5e5c40cb9add692dbf266
    SHA-256: 8d038faa42e70b1db3fee3b238e95d505e816f64aa0f2092622e6e65f8f4c4d8
    Size: 8.18 MB