Hi, You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux. AlmaLinux: 9 Type: Security Severity: Moderate Release date: 2024-11-03 Summary: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (CVE-2023-52626) * kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset (CVE-2024-26801) * kernel: crypto: qat - resolve race condition during AER recovery (CVE-2024-26974) * kernel: xen-netfront: Add missing skb_mark_for_recycle (CVE-2024-27393) * kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667) * kernel: smb: client: fix UAF in smb2_reconnect_server() (CVE-2024-35870) * kernel: net/mlx5: Properly link new fs rules into the tree (CVE-2024-35960) * kernel: net: hns3: do not allow call hns3_nic_net_open repeatedly (CVE-2021-47400) Bug Fix(es): * cifs - kernel panic with cifs_put_smb_ses (JIRA:AlmaLinux-28943) * BUG: unable to handle page fault for address: ff16bf752f593ff8 [almalinux-9.4.z] (JIRA:AlmaLinux-35672) * [HPE 9.4 Bug] Request merge of AMD address translation library patch series [almalinux-9.4.z] (JIRA:AlmaLinux-36220) * [AlmaLinux9] kernel BUG at lib/list_debug.c:51! [almalinux-9.4.z] (JIRA:AlmaLinux-36687) * ice: DPLL-related fixes [almalinux-9.4.z] (JIRA:AlmaLinux-36716) * CNB95: net/sched: update TC core to upstream v6.8 [almalinux-9.4.z] (JIRA:AlmaLinux-37641) * IPv6: SR: backport fixes from upstream [almalinux-9.4.z] (JIRA:AlmaLinux-37669) * [RFE] Backport tmpfs noswap mount option [almalinux-9.4.z] (JIRA:AlmaLinux-38252) * Isolated cores causing issues on latest AlmaLinux9.4 kernel and not functioning as desired. [almalinux-9.4.z] (JIRA:AlmaLinux-38595) * [ice] Add automatic VF reset on Tx MDD events [almalinux-9.4.z] (JIRA:AlmaLinux-39083) * [HPEMC AlmaLinux 9.4 REGRESSION] turbostat: turbostat broken on 10+ sockets. [almalinux-9.4.z] (JIRA:AlmaLinux-34953) * bnx2x: fix crashes in PCI error handling, resource leaks [almalinux-9.4.z] (JIRA:AlmaLinux-43272) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section. Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2024-4349.html This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org. Kind regards, AlmaLinux Team