The following advisory data is extracted from: https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2394.json Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment. - Packet Storm Staff ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2024:2394-03 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2024:2394 Issue date: 2024-04-30 Revision: 03 CVE Names: CVE-2020-26555 ==================================================================== Summary: An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546) * kernel: multiple use-after-free vulnerabilities (CVE-2024-1086, CVE-2023-3567, CVE-2023-4133, CVE-2023-6932, CVE-2023-39198, CVE-2023-51043, CVE-2023-51779, CVE-2023-51780, CVE-2024-1085, CVE-2024-26582) * kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack (CVE-2020-26555) * kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion (CVE-2022-0480) * kernel: multiple NULL pointer dereference vulnerabilities (CVE-2022-38096, CVE-2023-6622, CVE-2023-6915, CVE-2023-42754, CVE-2023-46862, CVE-2023-52574, CVE-2024-0841, CVE-2023-52448) * kernel: integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c (CVE-2022-45934) * kernel: netfilter: nf_tables: out-of-bounds access in nf_tables_newtable() (CVE-2023-6040) * kernel: GC's deletion of an SKB races with unix_stream_read_generic() leading to UAF (CVE-2023-6531) * kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size (CVE-2023-6931) * kernel: Bluetooth Forward and Future Secrecy Attacks and Defenses (CVE-2023-24023) * kernel: irdma: Improper access control (CVE-2023-25775) * Kernel: double free in hci_conn_cleanup of the bluetooth subsystem (CVE-2023-28464) * kernel: Bluetooth: HCI: global out-of-bounds access in net/bluetooth/hci_sync.c (CVE-2023-28866) * kernel: race condition between HCIUARTSETPROTO and HCIUARTGETPROTO in hci_uart_tty_ioctl (CVE-2023-31083) * kernel: multiple out-of-bounds read vulnerabilities (CVE-2023-37453, CVE-2023-39189, CVE-2023-39193, CVE-2023-6121, CVE-2023-39194) * kernel: netfilter: race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP (CVE-2023-42756) * kernel: lib/kobject.c vulnerable to fill_kobj_path out-of-bounds write (CVE-2023-45863) * kernel: smb: client: fix potential OOBs in smb2_parse_contexts() (CVE-2023-52434) * kernel: mm/sparsemem: fix race in accessing memory_section->usage (CVE-2023-52489) * kernel: net: fix possible store tearing in neigh_periodic_work() (CVE-2023-52522) * kernel: multiple memory leak vulnerabilities (CVE-2023-52529, CVE-2023-52581) * kernel: net: bridge: data races indata-races in br_handle_frame_finish() (CVE-2023-52578) * kernel: net/core: kernel crash in ETH_P_1588 flow dissector (CVE-2023-52580) * kernel: net/sched: act_ct: fix skb leak and crash on ooo frags (CVE-2023-52610) * kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client (CVE-2024-0565) * kernel: tls: race between async notify and socket close (CVE-2024-26583) * kernel: tls: handle backlogging of crypto requests (CVE-2024-26584) * kernel: tls: race between tx work scheduling and socket close (CVE-2024-26585) * kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (CVE-2024-26586) * kernel: i2c: i801: Fix block process call transactions (CVE-2024-26593) * kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier (CVE-2024-26602) * kernel: netfilter: nf_tables: reject QUEUE/DROP verdict parameters (CVE-2024-26609) * kernel: local dos vulnerability in scatterwalk_copychunks (CVE-2023-6176) * kernel: perf/x86/lbr: Filter vsyscall addresses (CVE-2023-52476) * kernel: netfilter: nf_tables: disallow timeout for anonymous sets (CVE-2023-52620) * kernel: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (CVE-2024-26633) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes linked from the References section. Solution: https://access.redhat.com/articles/11258 CVEs: CVE-2020-26555 References: https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.4_release_notes/index https://bugzilla.redhat.com/show_bug.cgi?id=1918601 https://bugzilla.redhat.com/show_bug.cgi?id=2049700 https://bugzilla.redhat.com/show_bug.cgi?id=2133452 https://bugzilla.redhat.com/show_bug.cgi?id=2151959 https://bugzilla.redhat.com/show_bug.cgi?id=2177759 https://bugzilla.redhat.com/show_bug.cgi?id=2185519 https://bugzilla.redhat.com/show_bug.cgi?id=2188102 https://bugzilla.redhat.com/show_bug.cgi?id=2210024 https://bugzilla.redhat.com/show_bug.cgi?id=2213132 https://bugzilla.redhat.com/show_bug.cgi?id=2218332 https://bugzilla.redhat.com/show_bug.cgi?id=2219359 https://bugzilla.redhat.com/show_bug.cgi?id=2221039 https://bugzilla.redhat.com/show_bug.cgi?id=2221463 https://bugzilla.redhat.com/show_bug.cgi?id=2221702 https://bugzilla.redhat.com/show_bug.cgi?id=2226777 https://bugzilla.redhat.com/show_bug.cgi?id=2226787 https://bugzilla.redhat.com/show_bug.cgi?id=2226788 https://bugzilla.redhat.com/show_bug.cgi?id=2231410 https://bugzilla.redhat.com/show_bug.cgi?id=2239845 https://bugzilla.redhat.com/show_bug.cgi?id=2239848 https://bugzilla.redhat.com/show_bug.cgi?id=2244720 https://bugzilla.redhat.com/show_bug.cgi?id=2246980 https://bugzilla.redhat.com/show_bug.cgi?id=2250043 https://bugzilla.redhat.com/show_bug.cgi?id=2252731 https://bugzilla.redhat.com/show_bug.cgi?id=2253034 https://bugzilla.redhat.com/show_bug.cgi?id=2253632 https://bugzilla.redhat.com/show_bug.cgi?id=2254961 https://bugzilla.redhat.com/show_bug.cgi?id=2254982 https://bugzilla.redhat.com/show_bug.cgi?id=2255283 https://bugzilla.redhat.com/show_bug.cgi?id=2255498 https://bugzilla.redhat.com/show_bug.cgi?id=2256490 https://bugzilla.redhat.com/show_bug.cgi?id=2256822 https://bugzilla.redhat.com/show_bug.cgi?id=2257682 https://bugzilla.redhat.com/show_bug.cgi?id=2258013 https://bugzilla.redhat.com/show_bug.cgi?id=2258518 https://bugzilla.redhat.com/show_bug.cgi?id=2260005 https://bugzilla.redhat.com/show_bug.cgi?id=2262126 https://bugzilla.redhat.com/show_bug.cgi?id=2262127 https://bugzilla.redhat.com/show_bug.cgi?id=2265285 https://bugzilla.redhat.com/show_bug.cgi?id=2265517 https://bugzilla.redhat.com/show_bug.cgi?id=2265518 https://bugzilla.redhat.com/show_bug.cgi?id=2265519 https://bugzilla.redhat.com/show_bug.cgi?id=2265520 https://bugzilla.redhat.com/show_bug.cgi?id=2265645 https://bugzilla.redhat.com/show_bug.cgi?id=2265646 https://bugzilla.redhat.com/show_bug.cgi?id=2265653 https://bugzilla.redhat.com/show_bug.cgi?id=2267041 https://bugzilla.redhat.com/show_bug.cgi?id=2267695 https://bugzilla.redhat.com/show_bug.cgi?id=2267750 https://bugzilla.redhat.com/show_bug.cgi?id=2267758 https://bugzilla.redhat.com/show_bug.cgi?id=2267760 https://bugzilla.redhat.com/show_bug.cgi?id=2267761 https://bugzilla.redhat.com/show_bug.cgi?id=2267788 https://bugzilla.redhat.com/show_bug.cgi?id=2267795 https://bugzilla.redhat.com/show_bug.cgi?id=2269189 https://bugzilla.redhat.com/show_bug.cgi?id=2269217 https://bugzilla.redhat.com/show_bug.cgi?id=2270080 https://bugzilla.redhat.com/show_bug.cgi?id=2270118 https://bugzilla.redhat.com/show_bug.cgi?id=2270883 https://issues.redhat.com/browse/RHEL-15897 https://issues.redhat.com/browse/RHEL-15937 https://issues.redhat.com/browse/RHEL-16024 https://issues.redhat.com/browse/RHEL-17986 https://issues.redhat.com/browse/RHEL-19081 https://issues.redhat.com/browse/RHEL-2376 https://issues.redhat.com/browse/RHEL-2421 https://issues.redhat.com/browse/RHEL-2466 https://issues.redhat.com/browse/RHEL-2907 https://issues.redhat.com/browse/RHEL-3923 https://issues.redhat.com/browse/RHEL-5226 https://issues.redhat.com/browse/RHEL-5228 https://issues.redhat.com/browse/RHEL-6012 https://issues.redhat.com/browse/RHEL-7936 https://issues.redhat.com/browse/RHEL-9127