Bottlerocket: kernel-5.10, kernel-5.15, kernel-6.1: security update to 2.4.0

medium Tenable Cloud Security Plugin ID 427983

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory
mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the
requested size and the actual size does not consider the partial mapping offset. This can cause page fault
access. Fix the calculation of the starting and ending addresses, the total size is now deduced from the
difference between the end and start addresses. Additionally, the calculations have been rewritten in a
clearer and more understandable form. [Joonas: Add Requires: tag] Requires: 60a2066c5005 ("drm/i915/gem:
Adjust vma offset for framebuffer mmap offset") (cherry picked from commit
97b6784753da06d9d40232328efc5c5367e53417) (CVE-2024-42259)

Plugin Details

Severity: Medium

ID: 427983

Version: Revision 1.2

Type: Local

Published: 6/30/2025

Updated: 7/2/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 3

Percentile: 23.18

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2024-42259

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 8/14/2024

Reference Information

CVE: CVE-2024-42259