[SECURITY] Fedora 39 Update: kernel-6.8.8-200.fc39

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-bc0db39a14 2024-05-03 01:25:18.628985 -------------------------------------------------------------------------------- Name : kernel Product : Fedora 39 Version : 6.8.8 Release : 200.fc39 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package -------------------------------------------------------------------------------- Update Information: The 6.8.8 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog: * Sat Apr 27 2024 Justin M. Forbes <jforbes(a)fedoraproject.org&gt; [6.8.8-200] - Revert "cpupower: Bump soname version" (Justin M. Forbes) - Drop soname for libcpupower.so since we reverted the bump (Justin M. Forbes) * Sat Apr 27 2024 Justin M. Forbes <jforbes(a)fedoraproject.org&gt; [6.8.8-0] - Update BugsFixed for 6.8.8 (Justin M. Forbes) - Turn on ISM for Fedora (Justin M. Forbes) - Turn off some Fedora UBSAN options to avoid false positives (Justin M. Forbes) - fedora: aarch64: Enable a QCom Robotics platforms requirements (Peter Robinson) - Turn on UBSAN for Fedora (Justin M. Forbes) - Linux v6.8.8 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2276666 - CVE-2024-26922 kernel: drm/amdgpu: validate the parameters of bo mapping operations more clearly [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2276666 [ 2 ] Bug #2277155 - Fedora 39 - Device Driver for ISM not configured in kernel https://bugzilla.redhat.com/show_bug.cgi?id=2277155 [ 3 ] Bug #2277170 - CVE-2024-26924 kernel: netfilter: nft_set_pipapo: do not free live element [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2277170 [ 4 ] Bug #2278253 - CVE-2024-27022 kernel: fork: defer linking file vma until vma is fully initialized [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278253 [ 5 ] Bug #2278255 - CVE-2024-27021 kernel: r8169: fix LED-related deadlock on module removal [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278255 [ 6 ] Bug #2278257 - CVE-2024-27020 kernel: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278257 [ 7 ] Bug #2278259 - CVE-2024-27019 kernel: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278259 [ 8 ] Bug #2278261 - CVE-2024-27018 kernel: netfilter: br_netfilter: skip conntrack input hook for promisc packets [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278261 [ 9 ] Bug #2278263 - CVE-2024-27017 kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278263 [ 10 ] Bug #2278265 - CVE-2024-27016 kernel: netfilter: flowtable: validate pppoe header [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278265 [ 11 ] Bug #2278267 - CVE-2024-27015 kernel: netfilter: flowtable: incorrect pppoe tuple [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278267 [ 12 ] Bug #2278269 - CVE-2024-27014 kernel: net/mlx5e: Prevent deadlock while disabling aRFS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278269 [ 13 ] Bug #2278271 - CVE-2024-27013 kernel: tun: limit printing rate when illegal packet received by tun dev [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278271 [ 14 ] Bug #2278276 - CVE-2024-27012 kernel: netfilter: nf_tables: restore set elements when delete set fails [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278276 [ 15 ] Bug #2278278 - CVE-2024-27011 kernel: netfilter: nf_tables: fix memleak in map from abort path [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278278 [ 16 ] Bug #2278280 - CVE-2024-27010 kernel: net/sched: Fix mirred deadlock on device recursion [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278280 [ 17 ] Bug #2278282 - CVE-2024-27009 kernel: s390/cio: fix race condition during online processing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278282 [ 18 ] Bug #2278284 - CVE-2024-27008 kernel: drm: nv04: Fix out of bounds access [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278284 [ 19 ] Bug #2278286 - CVE-2024-27007 kernel: userfaultfd: change src_folio after ensuring it&#39;s unpinned in UFFDIO_MOVE [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278286 [ 20 ] Bug #2278288 - CVE-2024-27006 kernel: thermal/debugfs: Add missing count increment to thermal_debug_tz_trip_up() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278288 [ 21 ] Bug #2278290 - CVE-2024-27005 kernel: interconnect: Don&#39;t access req_list while it&#39;s being manipulated [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278290 [ 22 ] Bug #2278292 - CVE-2024-27004 kernel: clk: Get runtime PM before walking tree during disable_unused [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278292 [ 23 ] Bug #2278294 - CVE-2024-27003 kernel: clk: Get runtime PM before walking tree for clk_summary [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278294 [ 24 ] Bug #2278296 - CVE-2024-27002 kernel: clk: mediatek: Do a runtime PM get on controllers during probe [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278296 [ 25 ] Bug #2278298 - CVE-2024-27001 kernel: comedi: vmk80xx: fix incomplete endpoint checking [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278298 [ 26 ] Bug #2278300 - CVE-2024-27000 kernel: serial: mxs-auart: add spinlock around changing cts state [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278300 [ 27 ] Bug #2278302 - CVE-2024-26999 kernel: serial/pmac_zilog: Remove flawed mitigation for rx irq flood [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278302 [ 28 ] Bug #2278304 - CVE-2024-26998 kernel: serial: core: Clearing the circular buffer before NULLifying it [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278304 [ 29 ] Bug #2278309 - CVE-2024-26996 kernel: usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278309 [ 30 ] Bug #2278311 - CVE-2024-26995 kernel: usb: typec: tcpm: Correct the PDO counting in pd_set [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278311 [ 31 ] Bug #2278313 - CVE-2024-26994 kernel: speakup: Avoid crash on very long word [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278313 [ 32 ] Bug #2278315 - CVE-2024-26993 kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278315 [ 33 ] Bug #2278317 - CVE-2024-26992 kernel: KVM: x86/pmu: Disable support for adaptive PEBS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278317 [ 34 ] Bug #2278319 - CVE-2024-26991 kernel: KVM: x86/mmu: x86: Don&#39;t overflow lpage_info when checking attributes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278319 [ 35 ] Bug #2278321 - CVE-2024-26990 kernel: KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278321 [ 36 ] Bug #2278323 - CVE-2024-26989 kernel: arm64: hibernate: Fix level3 translation fault in swsusp_save() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278323 [ 37 ] Bug #2278325 - CVE-2024-26988 kernel: init/main.c: Fix potential static_command_line memory overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278325 [ 38 ] Bug #2278328 - CVE-2024-26987 kernel: mm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278328 [ 39 ] Bug #2278330 - CVE-2024-26986 kernel: drm/amdkfd: Fix memory leak in create_process failure [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278330 [ 40 ] Bug #2278332 - CVE-2024-26985 kernel: drm/xe: Fix bo leak in intel_fb_bo_framebuffer_init [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278332 [ 41 ] Bug #2278334 - CVE-2024-26984 kernel: nouveau: fix instmem race condition around ptr stores [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278334 [ 42 ] Bug #2278336 - CVE-2024-26983 kernel: bootconfig: use memblock_free_late to free xbc memory to buddy [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278336 [ 43 ] Bug #2278338 - CVE-2024-26982 kernel: Squashfs: check the inode number is not the invalid value of zero [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278338 [ 44 ] Bug #2278340 - CVE-2024-26981 kernel: nilfs2: fix OOB in nilfs_set_de_type [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278340 [ 45 ] Bug #2278342 - CVE-2024-26980 kernel: ksmbd: fix slab-out-of-bounds in smb2_allocate_rsp_buf [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278342 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-bc0db39a14' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------