AlmaLinux 8 : kernel (ALSA-2024:5101)

Severity: High, Nessus Plugin ID: 205293

Synopsis

The remote AlmaLinux host is missing one or more security updates.

Description

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:5101 advisory.

* kernel: powerpc: Fix access beyond end of drmem array (CVE-2023-52451)
* kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)
* kernel: tracing: Restructure trace_clock_global() to never block (CVE-2021-46939)
* kernel: ext4: avoid online resizing failures due to oversized flex bg (CVE-2023-52622)
* kernel: net/sched: flower: Fix chain template offload (CVE-2024-26669)
* kernel: stmmac: Clear variable when destroying workqueue (CVE-2024-26802)
* kernel: efi: runtime: Fix potential overflow of soft-reserved region size (CVE-2024-26843)
* kernel: quota: Fix potential NULL pointer dereference (CVE-2024-26878)
* kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)
* kernel: SUNRPC: fix a memleak in gss_import_v2_context (CVE-2023-52653)
* kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application (CVE-2024-21823)
* kernel: Revert net/mlx5: Block entering switchdev mode with ns inconsistency (CVE-2023-52658)
* kernel: ext4: fix corruption during on-line resize (CVE-2024-35807)
* kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (CVE-2024-35801)
* kernel: dyndbg: fix old BUG_ON in >control parser (CVE-2024-35947)
* kernel: net/sched: act_skbmod: prevent kernel-infoleak (CVE-2024-35893)
* kernel: x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (CVE-2024-35876)
* kernel: platform/x86: wmi: Fix opening of char device (CVE-2023-52864)
* kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (CVE-2023-52845)
* (CVE-2023-28746)
* (CVE-2023-52847)
* (CVE-2021-47548)
* (CVE-2024-36921)
* (CVE-2024-26921)
* (CVE-2021-47579)
* (CVE-2024-36927)
* (CVE-2024-39276)
* (CVE-2024-33621)
* (CVE-2024-27010)
* (CVE-2024-26960)
* (CVE-2024-38596)
* (CVE-2022-48743)
* (CVE-2024-26733)
* (CVE-2024-26586)
* (CVE-2024-26698)
* (CVE-2023-52619)

Bug Fix(es):

* AlmaLinux8.6 - Spinlock statistics may show negative elapsed time and incorrectly formatted output (JIRA:AlmaLinux-17678)
* [AWS][8.9]There are call traces found when booting debug-kernel for Amazon EC2 r8g.metal-24xl instance (JIRA:AlmaLinux-23841)
* [almalinux8] gfs2: Fix glock shrinker (JIRA:AlmaLinux-32941)
* lan78xx: Microchip LAN7800 never comes up after unplug and replug (JIRA:AlmaLinux-33437)
* [Hyper-V][AlmaLinux-8.10.z] Update hv_netvsc driver to TOT (JIRA:AlmaLinux-39074)
* Use-after-free on proc inode-i_sb triggered by fsnotify (JIRA:AlmaLinux-40167)
* blk-cgroup: Properly propagate the iostat update up the hierarchy [almalinux-8.10.z] (JIRA:AlmaLinux-40939)
* (JIRA:AlmaLinux-31798)
* (JIRA:AlmaLinux-10263)
* (JIRA:AlmaLinux-40901)
* (JIRA:AlmaLinux-43547)
* (JIRA:AlmaLinux-34876)

Enhancement(s):

* [RFE] Add module parameters 'soft_reboot_cmd' and 'soft_active_on_boot' for customizing softdog configuration (JIRA:AlmaLinux-19723)

Tenable has extracted the preceding description block directly from the AlmaLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://errata.almalinux.org/8/ALSA-2024-5101.html

https://access.redhat.com/security/cve/CVE-2021-46939

https://access.redhat.com/security/cve/CVE-2021-47257

https://access.redhat.com/security/cve/CVE-2021-47284

https://access.redhat.com/security/cve/CVE-2021-47304

https://access.redhat.com/security/cve/CVE-2021-47373

https://access.redhat.com/security/cve/CVE-2021-47408

https://access.redhat.com/security/cve/CVE-2021-47461

https://access.redhat.com/security/cve/CVE-2021-47468

https://access.redhat.com/security/cve/CVE-2021-47491

https://access.redhat.com/security/cve/CVE-2021-47548

https://access.redhat.com/security/cve/CVE-2021-47579

https://access.redhat.com/security/cve/CVE-2021-47624

https://access.redhat.com/security/cve/CVE-2022-48632

https://access.redhat.com/security/cve/CVE-2022-48743

https://access.redhat.com/security/cve/CVE-2022-48747

https://access.redhat.com/security/cve/CVE-2022-48757

https://access.redhat.com/security/cve/CVE-2023-28746

https://access.redhat.com/security/cve/CVE-2023-52463

https://access.redhat.com/security/cve/CVE-2023-52469

https://access.redhat.com/security/cve/CVE-2023-52471

https://access.redhat.com/security/cve/CVE-2023-52486

https://access.redhat.com/security/cve/CVE-2023-52530

https://access.redhat.com/security/cve/CVE-2023-52619

https://access.redhat.com/security/cve/CVE-2023-52622

https://access.redhat.com/security/cve/CVE-2023-52623

https://access.redhat.com/security/cve/CVE-2023-52648

https://access.redhat.com/security/cve/CVE-2023-52653

https://access.redhat.com/security/cve/CVE-2023-52658

https://access.redhat.com/security/cve/CVE-2023-52662

https://access.redhat.com/security/cve/CVE-2023-52679

https://access.redhat.com/security/cve/CVE-2023-52707

https://access.redhat.com/security/cve/CVE-2023-52730

https://access.redhat.com/security/cve/CVE-2023-52762

https://access.redhat.com/security/cve/CVE-2023-52764

https://access.redhat.com/security/cve/CVE-2023-52775

https://access.redhat.com/security/cve/CVE-2023-52777

https://access.redhat.com/security/cve/CVE-2023-52784

https://access.redhat.com/security/cve/CVE-2023-52791

https://access.redhat.com/security/cve/CVE-2023-52796

https://access.redhat.com/security/cve/CVE-2023-52803

https://access.redhat.com/security/cve/CVE-2023-52811

https://access.redhat.com/security/cve/CVE-2023-52832

https://access.redhat.com/security/cve/CVE-2023-52834

https://access.redhat.com/security/cve/CVE-2023-52845

https://access.redhat.com/security/cve/CVE-2023-52847

https://access.redhat.com/security/cve/CVE-2023-52864

https://access.redhat.com/security/cve/CVE-2024-2201

https://access.redhat.com/security/cve/CVE-2024-21823

https://access.redhat.com/security/cve/CVE-2024-25739

https://access.redhat.com/security/cve/CVE-2024-26586

https://access.redhat.com/security/cve/CVE-2024-26614

https://access.redhat.com/security/cve/CVE-2024-26640

https://access.redhat.com/security/cve/CVE-2024-26660

https://access.redhat.com/security/cve/CVE-2024-26669

https://access.redhat.com/security/cve/CVE-2024-26686

https://access.redhat.com/security/cve/CVE-2024-26698

https://access.redhat.com/security/cve/CVE-2024-26704

https://access.redhat.com/security/cve/CVE-2024-26733

https://access.redhat.com/security/cve/CVE-2024-26740

https://access.redhat.com/security/cve/CVE-2024-26772

https://access.redhat.com/security/cve/CVE-2024-26773

https://access.redhat.com/security/cve/CVE-2024-26802

https://access.redhat.com/security/cve/CVE-2024-26810

https://access.redhat.com/security/cve/CVE-2024-26837

https://access.redhat.com/security/cve/CVE-2024-26840

https://access.redhat.com/security/cve/CVE-2024-26843

https://access.redhat.com/security/cve/CVE-2024-26852

https://access.redhat.com/security/cve/CVE-2024-26853

https://access.redhat.com/security/cve/CVE-2024-26870

https://access.redhat.com/security/cve/CVE-2024-26878

https://access.redhat.com/security/cve/CVE-2024-26921

https://access.redhat.com/security/cve/CVE-2024-26925

https://access.redhat.com/security/cve/CVE-2024-26940

https://access.redhat.com/security/cve/CVE-2024-26958

https://access.redhat.com/security/cve/CVE-2024-26960

https://access.redhat.com/security/cve/CVE-2024-26961

https://access.redhat.com/security/cve/CVE-2024-27010

https://access.redhat.com/security/cve/CVE-2024-27011

https://access.redhat.com/security/cve/CVE-2024-27019

https://access.redhat.com/security/cve/CVE-2024-27020

https://access.redhat.com/security/cve/CVE-2024-27025

https://access.redhat.com/security/cve/CVE-2024-27065

https://access.redhat.com/security/cve/CVE-2024-27388

https://access.redhat.com/security/cve/CVE-2024-27395

https://access.redhat.com/security/cve/CVE-2024-27434

https://access.redhat.com/security/cve/CVE-2024-31076

https://access.redhat.com/security/cve/CVE-2024-33621

https://access.redhat.com/security/cve/CVE-2024-35790

https://access.redhat.com/security/cve/CVE-2024-35801

https://access.redhat.com/security/cve/CVE-2024-35807

https://access.redhat.com/security/cve/CVE-2024-35810

https://access.redhat.com/security/cve/CVE-2024-35814

https://access.redhat.com/security/cve/CVE-2024-35823

https://access.redhat.com/security/cve/CVE-2024-35824

https://access.redhat.com/security/cve/CVE-2024-35847

https://access.redhat.com/security/cve/CVE-2024-35893

https://access.redhat.com/security/cve/CVE-2024-35896

https://access.redhat.com/security/cve/CVE-2024-35897

https://access.redhat.com/security/cve/CVE-2024-35899

https://access.redhat.com/security/cve/CVE-2024-35900

https://access.redhat.com/security/cve/CVE-2024-35910

https://access.redhat.com/security/cve/CVE-2024-35912

https://access.redhat.com/security/cve/CVE-2024-35924

https://access.redhat.com/security/cve/CVE-2024-35925

https://access.redhat.com/security/cve/CVE-2024-35930

https://access.redhat.com/security/cve/CVE-2024-35937

https://access.redhat.com/security/cve/CVE-2024-35938

https://access.redhat.com/security/cve/CVE-2024-35946

https://access.redhat.com/security/cve/CVE-2024-35947

https://access.redhat.com/security/cve/CVE-2024-35952

https://access.redhat.com/security/cve/CVE-2024-36000

https://access.redhat.com/security/cve/CVE-2024-36005

https://access.redhat.com/security/cve/CVE-2024-36006

https://access.redhat.com/security/cve/CVE-2024-36010

https://access.redhat.com/security/cve/CVE-2024-36016

https://access.redhat.com/security/cve/CVE-2024-36017

https://access.redhat.com/security/cve/CVE-2024-36020

https://access.redhat.com/security/cve/CVE-2024-36025

https://access.redhat.com/security/cve/CVE-2024-36270

https://access.redhat.com/security/cve/CVE-2024-36286

https://access.redhat.com/security/cve/CVE-2024-36489

https://access.redhat.com/security/cve/CVE-2024-36886

https://access.redhat.com/security/cve/CVE-2024-36889

https://access.redhat.com/security/cve/CVE-2024-36896

https://access.redhat.com/security/cve/CVE-2024-36904

https://access.redhat.com/security/cve/CVE-2024-36905

https://access.redhat.com/security/cve/CVE-2024-36917

https://access.redhat.com/security/cve/CVE-2024-36921

https://access.redhat.com/security/cve/CVE-2024-36927

https://access.redhat.com/security/cve/CVE-2024-36929

https://access.redhat.com/security/cve/CVE-2024-36933

https://access.redhat.com/security/cve/CVE-2024-36940

https://access.redhat.com/security/cve/CVE-2024-36941

https://access.redhat.com/security/cve/CVE-2024-36945

https://access.redhat.com/security/cve/CVE-2024-36950

https://access.redhat.com/security/cve/CVE-2024-36954

https://access.redhat.com/security/cve/CVE-2024-36960

https://access.redhat.com/security/cve/CVE-2024-36971

https://access.redhat.com/security/cve/CVE-2024-36978

https://access.redhat.com/security/cve/CVE-2024-36979

https://access.redhat.com/security/cve/CVE-2024-38538

https://access.redhat.com/security/cve/CVE-2024-38555

https://access.redhat.com/security/cve/CVE-2024-38573

https://access.redhat.com/security/cve/CVE-2024-38575

https://access.redhat.com/security/cve/CVE-2024-38596

https://access.redhat.com/security/cve/CVE-2024-38598

https://access.redhat.com/security/cve/CVE-2024-38615

https://access.redhat.com/security/cve/CVE-2024-38627

https://access.redhat.com/security/cve/CVE-2024-39276

https://access.redhat.com/security/cve/CVE-2024-39472

https://access.redhat.com/security/cve/CVE-2024-39476

https://access.redhat.com/security/cve/CVE-2024-39487

https://access.redhat.com/security/cve/CVE-2024-39502

https://access.redhat.com/security/cve/CVE-2024-40927

https://access.redhat.com/security/cve/CVE-2024-40974

Plugin Details

Severity: High

ID: 205293

File Name: alma_linux_ALSA-2024-5101.nasl

Version: 1.8

Type: local

Published: 8/9/2024

Updated: 9/23/2025

Supported Sensors: Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-40974

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.2

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

CVSS Score Source: CVE-2024-35814

Vulnerability Information

CPE: p-cpe:/a:alma:linux:kernel, p-cpe:/a:alma:linux:kernel-debug, p-cpe:/a:alma:linux:kernel-debug-core, p-cpe:/a:alma:linux:kernel-debug-modules, p-cpe:/a:alma:linux:kernel-modules, p-cpe:/a:alma:linux:kernel-tools-libs-devel, p-cpe:/a:alma:linux:kernel-zfcpdump, p-cpe:/a:alma:linux:kernel-zfcpdump-modules, cpe:/o:alma:linux:8, p-cpe:/a:alma:linux:bpftool, p-cpe:/a:alma:linux:kernel-abi-stablelists, p-cpe:/a:alma:linux:kernel-core, p-cpe:/a:alma:linux:kernel-cross-headers, p-cpe:/a:alma:linux:kernel-debug-devel, p-cpe:/a:alma:linux:kernel-debug-modules-extra, p-cpe:/a:alma:linux:kernel-devel, p-cpe:/a:alma:linux:kernel-headers, p-cpe:/a:alma:linux:kernel-modules-extra, p-cpe:/a:alma:linux:kernel-tools, p-cpe:/a:alma:linux:kernel-tools-libs, p-cpe:/a:alma:linux:perf, p-cpe:/a:alma:linux:python3-perf, p-cpe:/a:alma:linux:kernel-zfcpdump-core, p-cpe:/a:alma:linux:kernel-zfcpdump-devel, p-cpe:/a:alma:linux:kernel-zfcpdump-modules-extra, cpe:/o:alma:linux:8::powertools, cpe:/o:alma:linux:8::baseos, cpe:/o:alma:linux:8::appstream, cpe:/o:alma:linux:8::nfv, cpe:/o:alma:linux:8::realtime, cpe:/o:alma:linux:8::highavailability, cpe:/o:alma:linux:8::resilientstorage, cpe:/o:alma:linux:8::sap, cpe:/o:alma:linux:8::sap_hana, cpe:/o:alma:linux:8::supplementary

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/AlmaLinux/release, Host/AlmaLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/8/2024

Vulnerability Publication Date: 7/14/2021

CISA Known Exploited Vulnerability Due Dates: 8/28/2024

Reference Information

CVE: CVE-2021-46939, CVE-2021-47257, CVE-2021-47284, CVE-2021-47304, CVE-2021-47373, CVE-2021-47408, CVE-2021-47461, CVE-2021-47468, CVE-2021-47491, CVE-2021-47548, CVE-2021-47579, CVE-2021-47624, CVE-2022-48632, CVE-2022-48743, CVE-2022-48747, CVE-2022-48757, CVE-2023-28746, CVE-2023-52463, CVE-2023-52469, CVE-2023-52471, CVE-2023-52486, CVE-2023-52530, CVE-2023-52619, CVE-2023-52622, CVE-2023-52623, CVE-2023-52648, CVE-2023-52653, CVE-2023-52658, CVE-2023-52662, CVE-2023-52679, CVE-2023-52707, CVE-2023-52730, CVE-2023-52762, CVE-2023-52764, CVE-2023-52775, CVE-2023-52777, CVE-2023-52784, CVE-2023-52791, CVE-2023-52796, CVE-2023-52803, CVE-2023-52811, CVE-2023-52832, CVE-2023-52834, CVE-2023-52845, CVE-2023-52847, CVE-2023-52864, CVE-2024-21823, CVE-2024-2201, CVE-2024-25739, CVE-2024-26586, CVE-2024-26614, CVE-2024-26640, CVE-2024-26660, CVE-2024-26669, CVE-2024-26686, CVE-2024-26698, CVE-2024-26704, CVE-2024-26733, CVE-2024-26740, CVE-2024-26772, CVE-2024-26773, CVE-2024-26802, CVE-2024-26810, CVE-2024-26837, CVE-2024-26840, CVE-2024-26843, CVE-2024-26852, CVE-2024-26853, CVE-2024-26870, CVE-2024-26878, CVE-2024-26921, CVE-2024-26925, CVE-2024-26940, CVE-2024-26958, CVE-2024-26960, CVE-2024-26961, CVE-2024-27010, CVE-2024-27011, CVE-2024-27019, CVE-2024-27020, CVE-2024-27025, CVE-2024-27065, CVE-2024-27388, CVE-2024-27395, CVE-2024-27434, CVE-2024-31076, CVE-2024-33621, CVE-2024-35790, CVE-2024-35801, CVE-2024-35807, CVE-2024-35810, CVE-2024-35814, CVE-2024-35823, CVE-2024-35824, CVE-2024-35847, CVE-2024-35893, CVE-2024-35896, CVE-2024-35897, CVE-2024-35899, CVE-2024-35900, CVE-2024-35910, CVE-2024-35912, CVE-2024-35924, CVE-2024-35925, CVE-2024-35930, CVE-2024-35937, CVE-2024-35938, CVE-2024-35946, CVE-2024-35947, CVE-2024-35952, CVE-2024-36000, CVE-2024-36005, CVE-2024-36006, CVE-2024-36010, CVE-2024-36016, CVE-2024-36017, CVE-2024-36020, CVE-2024-36025, CVE-2024-36270, CVE-2024-36286, CVE-2024-36489, CVE-2024-36886, CVE-2024-36889, CVE-2024-36896, 
CVE-2024-36904, CVE-2024-36905, CVE-2024-36917, CVE-2024-36921, CVE-2024-36927, CVE-2024-36929, CVE-2024-36933, CVE-2024-36940, CVE-2024-36941, CVE-2024-36945, CVE-2024-36950, CVE-2024-36954, CVE-2024-36960, CVE-2024-36971, CVE-2024-36978, CVE-2024-36979, CVE-2024-38538, CVE-2024-38555, CVE-2024-38573, CVE-2024-38575, CVE-2024-38596, CVE-2024-38598, CVE-2024-38615, CVE-2024-38627, CVE-2024-39276, CVE-2024-39472, CVE-2024-39476, CVE-2024-39487, CVE-2024-39502, CVE-2024-40927, CVE-2024-40974

CWE: 119, 120, 121, 122, 124, 125, 129, 131, 1342, 1423, 170, 190, 20, 229, 276, 362, 369, 400, 401, 402, 413, 415, 416, 457, 459, 476, 590, 664, 665, 667, 690, 754, 787, 822, 833, 99