Main Vulnerability Database SB2024062808

SB2024062808 - openEuler 20.03 LTS SP4 update for kernel

Published: June 28, 2024

Security Bulletin ID SB2024062808

Severity

Medium

Patch available

YES

Number of vulnerabilities 74

Exploitation vector Adjecent network

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 74 secuirty vulnerabilities.

1) Memory leak (CVE-ID: CVE-2021-47239)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the smsc75xx_bind() and smsc75xx_unbind() functions in drivers/net/usb/smsc75xx.c. A local user can perform a denial of service (DoS) attack.

2) Input validation error (CVE-ID: CVE-2021-47265)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the mlx5_ib_create_flow() function in drivers/infiniband/hw/mlx5/fs.c, within the mlx4_ib_create_flow() function in drivers/infiniband/hw/mlx4/main.c, within the ib_uverbs_ex_create_flow() function in drivers/infiniband/core/uverbs_cmd.c. A local user can perform a denial of service (DoS) attack.

3) NULL pointer dereference (CVE-ID: CVE-2021-47275)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cached_dev_cache_miss() function in drivers/md/bcache/request.c. A local user can perform a denial of service (DoS) attack.

4) Out-of-bounds read (CVE-ID: CVE-2021-47277)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the include/linux/kvm_host.h. A local user can perform a denial of service (DoS) attack.

5) Use of uninitialized resource (CVE-ID: CVE-2021-47297)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the caif_seqpkt_sendmsg() function in net/caif/caif_socket.c. A local user can perform a denial of service (DoS) attack.

6) Information disclosure (CVE-ID: CVE-2021-47314)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the fsl_ifc_ctrl_remove() and fsl_ifc_ctrl_probe() functions in drivers/memory/fsl_ifc.c. A local user can gain access to sensitive information.

7) Use-after-free (CVE-ID: CVE-2021-47323)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the wdt_startup() function in drivers/watchdog/sc520_wdt.c. A local user can escalate privileges on the system.

8) Memory leak (CVE-ID: CVE-2021-47330)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the serial_resume() and serial_probe() functions in drivers/tty/serial/8250/serial_cs.c. A local user can perform a denial of service (DoS) attack.

9) Improper locking (CVE-ID: CVE-2021-47350)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the bad_kernel_fault() function in arch/powerpc/mm/fault.c. A local user can perform a denial of service (DoS) attack.

10) NULL pointer dereference (CVE-ID: CVE-2021-47353)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the udf_symlink() function in fs/udf/namei.c. A local user can perform a denial of service (DoS) attack.

11) Use-after-free (CVE-ID: CVE-2021-47355)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nicstar_cleanup() function in drivers/atm/nicstar.c. A local user can escalate privileges on the system.

12) Use-after-free (CVE-ID: CVE-2021-47356)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the HFC_cleanup() function in drivers/isdn/hardware/mISDN/hfcpci.c. A local user can escalate privileges on the system.

13) Use-after-free (CVE-ID: CVE-2021-47357)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ia_module_exit() function in drivers/atm/iphase.c. A local user can escalate privileges on the system.

14) Improper error handling (CVE-ID: CVE-2021-47361)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the mcb_alloc_bus() function in drivers/mcb/mcb-core.c. A local user can perform a denial of service (DoS) attack.

15) NULL pointer dereference (CVE-ID: CVE-2021-47362)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the si_dpm_enable() function in drivers/gpu/drm/amd/pm/powerplay/si_dpm.c. A local user can perform a denial of service (DoS) attack.

16) Use-after-free (CVE-ID: CVE-2021-47388)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ieee80211_crypto_ccmp_decrypt() and ieee80211_crypto_gcmp_decrypt() functions in net/mac80211/wpa.c. A local user can escalate privileges on the system.

17) Resource management error (CVE-ID: CVE-2021-47395)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ieee80211_parse_tx_radiotap() function in net/mac80211/tx.c. A local user can perform a denial of service (DoS) attack.

18) NULL pointer dereference (CVE-ID: CVE-2021-47397)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the sctp_rcv_ootb() function in net/sctp/input.c. A local user can perform a denial of service (DoS) attack.

19) Memory leak (CVE-ID: CVE-2021-47401)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ipoctal_inst_slot() and __ipoctal_remove() functions in drivers/ipack/devices/ipoctal.c. A local user can perform a denial of service (DoS) attack.

20) Out-of-bounds read (CVE-ID: CVE-2021-47404)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the betopff_init() function in drivers/hid/hid-betopff.c. A local user can perform a denial of service (DoS) attack.

21) Memory leak (CVE-ID: CVE-2021-47405)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the hid_ctrl() and usbhid_stop() functions in drivers/hid/usbhid/hid-core.c. A local user can perform a denial of service (DoS) attack.

22) Improper locking (CVE-ID: CVE-2021-47408)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the DEFINE_SPINLOCK(), get_next_corpse(), nf_ct_iterate_cleanup() and nf_conntrack_hash_resize() functions in net/netfilter/nf_conntrack_core.c. A local user can perform a denial of service (DoS) attack.

23) Memory leak (CVE-ID: CVE-2021-47423)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the drivers/gpu/drm/nouveau/nouveau_debugfs.c. A local user can perform a denial of service (DoS) attack.

24) Use-after-free (CVE-ID: CVE-2021-47427)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the iscsi_eh_abort() function in drivers/scsi/libiscsi.c. A local user can escalate privileges on the system.

25) Memory leak (CVE-ID: CVE-2021-47438)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the mlx5_core_destroy_cq() function in drivers/net/ethernet/mellanox/mlx5/core/cq.c. A local user can perform a denial of service (DoS) attack.

26) Memory leak (CVE-ID: CVE-2021-47442)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the digital_in_send_sdd_req() function in net/nfc/digital_technology.c. A local user can perform a denial of service (DoS) attack.

27) Memory leak (CVE-ID: CVE-2021-47443)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the digital_tg_configure_hw() and digital_tg_listen_mdaa() functions in net/nfc/digital_core.c. A local user can perform a denial of service (DoS) attack.

28) NULL pointer dereference (CVE-ID: CVE-2021-47445)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the msm_edp_ctrl_power() and msm_edp_ctrl_init() functions in drivers/gpu/drm/msm/edp/edp_ctrl.c. A local user can perform a denial of service (DoS) attack.

29) Buffer overflow (CVE-ID: CVE-2021-47458)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the ocfs2_initialize_super() function in fs/ocfs2/super.c. A local user can escalate privileges on the system.

30) Use-after-free (CVE-ID: CVE-2021-47459)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the j1939_netdev_start() function in net/can/j1939/main.c. A local user can escalate privileges on the system.

31) NULL pointer dereference (CVE-ID: CVE-2021-47475)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the IC3_VERSION BIT() and vmk80xx_alloc_usb_buffers() functions in drivers/staging/comedi/drivers/vmk80xx.c. A local user can perform a denial of service (DoS) attack.

32) Information disclosure (CVE-ID: CVE-2021-47477)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the dt9812_read_info(), dt9812_read_multiple_registers(), dt9812_write_multiple_registers() and dt9812_rmw_multiple_registers() functions in drivers/staging/comedi/drivers/dt9812.c. A local user can gain access to sensitive information.

33) Input validation error (CVE-ID: CVE-2021-47495)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the drivers/net/usb/usbnet.c. A local user can perform a denial of service (DoS) attack.

34) Memory leak (CVE-ID: CVE-2021-47545)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the fmt_free(), perf_hpp__init() and perf_hpp_list__prepend_sort_field() functions in tools/perf/ui/hist.c. A local user can perform a denial of service (DoS) attack.

35) Buffer overflow (CVE-ID: CVE-2021-47548)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the hns_dsaf_ge_srst_by_port() function in drivers/net/ethernet/hisilicon/hns/hns_dsaf_misc.c. A local user can escalate privileges on the system.

36) Use-after-free (CVE-ID: CVE-2021-47549)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the sata_fsl_init_controller() and sata_fsl_remove() functions in drivers/ata/sata_fsl.c. A local user can escalate privileges on the system.

37) NULL pointer dereference (CVE-ID: CVE-2021-47559)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the smc_link_down_work() and smc_vlan_by_tcpsk() functions in net/smc/smc_core.c. A local user can perform a denial of service (DoS) attack.

38) NULL pointer dereference (CVE-ID: CVE-2022-48708)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the pcs_set_mux() function in drivers/pinctrl/pinctrl-single.c. A local user can perform a denial of service (DoS) attack.

39) Out-of-bounds read (CVE-ID: CVE-2023-52669)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ctr_paes_crypt() function in arch/s390/crypto/paes_s390.c, within the ctr_aes_crypt() function in arch/s390/crypto/aes_s390.c. A local user can perform a denial of service (DoS) attack.

40) Use of uninitialized resource (CVE-ID: CVE-2023-52693)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the acpi_video_dev_register_backlight() function in drivers/acpi/acpi_video.c. A local user can perform a denial of service (DoS) attack.

41) Improper locking (CVE-ID: CVE-2023-52699)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the block_end(), get_branch(), get_block() and find_shared() functions in fs/sysv/itree.c. A local user can perform a denial of service (DoS) attack.

42) Use of uninitialized resource (CVE-ID: CVE-2023-52703)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the kalmia_send_init_packet() function in drivers/net/usb/kalmia.c. A local user can perform a denial of service (DoS) attack.

43) Improper error handling (CVE-ID: CVE-2023-52750)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the arch/arm64/Kconfig. A local user can perform a denial of service (DoS) attack.

44) Use-after-free (CVE-ID: CVE-2023-52752)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the seq_printf() and spin_unlock() functions in fs/smb/client/cifs_debug.c. A local user can escalate privileges on the system.

45) Reachable Assertion (CVE-ID: CVE-2023-52759)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to reachable assertion within the qd_check_sync() function in fs/gfs2/quota.c. A local user can perform a denial of service (DoS) attack.

46) NULL pointer dereference (CVE-ID: CVE-2023-52789)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the vcc_probe() and vcc_table_remove() functions in drivers/tty/vcc.c. A local user can perform a denial of service (DoS) attack.

47) Improper locking (CVE-ID: CVE-2023-52796)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ipvlan_addr_lookup(), IS_ENABLED() and ipvlan_process_v6_outbound() functions in drivers/net/ipvlan/ipvlan_core.c. A local user can perform a denial of service (DoS) attack.

48) Out-of-bounds read (CVE-ID: CVE-2023-52799)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dbAllocCtl(), dbFindCtl(), dbAllocDmapLev(), dbAdjTree() and dbFindLeaf() functions in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.

49) NULL pointer dereference (CVE-ID: CVE-2023-52802)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the stm32_adc_probe() function in drivers/iio/adc/stm32-adc-core.c. A local user can perform a denial of service (DoS) attack.

50) Out-of-bounds read (CVE-ID: CVE-2023-52804)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the dbMount() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.

51) Out-of-bounds read (CVE-ID: CVE-2023-52805)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the diInitInode() and diAlloc() functions in fs/jfs/jfs_imap.c. A local user can perform a denial of service (DoS) attack.

52) NULL pointer dereference (CVE-ID: CVE-2023-52809)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the fc_lport_ptp_setup() function in drivers/scsi/libfc/fc_lport.c. A local user can perform a denial of service (DoS) attack.

53) Out-of-bounds read (CVE-ID: CVE-2023-52819)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h. A local user can perform a denial of service (DoS) attack.

54) Improper error handling (CVE-ID: CVE-2023-52831)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the cpu_down_maps_locked() function in kernel/cpu.c. A local user can perform a denial of service (DoS) attack.

55) Integer overflow (CVE-ID: CVE-2023-52832)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the ieee80211_get_tx_power() function in net/mac80211/cfg.c. A local user can execute arbitrary code.

56) Use of uninitialized resource (CVE-ID: CVE-2023-52845)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the net/tipc/netlink.c. A local user can perform a denial of service (DoS) attack.

57) Out-of-bounds read (CVE-ID: CVE-2023-52878)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the can_put_echo_skb() function in drivers/net/can/dev/skb.c. A local user can perform a denial of service (DoS) attack.

58) Improper locking (CVE-ID: CVE-2024-26934)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to improper locking within the interface_authorized_store() function in drivers/usb/core/sysfs.c. A local user can execute arbitrary code.

59) Race condition within a thread (CVE-ID: CVE-2024-27020)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to a data race within the __nft_expr_type_get() and nft_expr_type_get() functions in net/netfilter/nf_tables_api.c. A local user can execute arbitrary code.

60) NULL pointer dereference (CVE-ID: CVE-2024-27399)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dreference error within the l2cap_chan_timeout() function in net/bluetooth/l2cap_core.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

61) Buffer overflow (CVE-ID: CVE-2024-27401)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the packet_buffer_get() function in drivers/firewire/nosy.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.

62) Use-after-free (CVE-ID: CVE-2024-35789)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ieee80211_change_station() function in net/mac80211/cfg.c. A local user can escalate privileges on the system.

63) Improper locking (CVE-ID: CVE-2024-35808)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the raid_message() function in drivers/md/dm-raid.c. A local user can perform a denial of service (DoS) attack.

64) Improper locking (CVE-ID: CVE-2024-35822)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the usb_ep_queue() function in drivers/usb/gadget/udc/core.c. A local user can perform a denial of service (DoS) attack.

65) Buffer overflow (CVE-ID: CVE-2024-35823)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the vc_uniscr_delete() function in drivers/tty/vt/vt.c. A local user can perform a denial of service (DoS) attack.

66) Memory leak (CVE-ID: CVE-2024-35877)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the follow_phys() function in mm/memory.c, within the is_cow_mapping(), free_pfn_range() and untrack_pfn() functions in arch/x86/mm/pat.c. A local user can perform a denial of service (DoS) attack.

67) NULL pointer dereference (CVE-ID: CVE-2024-35904)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the init_sel_fs() function in security/selinux/selinuxfs.c. A local user can perform a denial of service (DoS) attack.

68) Division by zero (CVE-ID: CVE-2024-35925)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the blk_rq_stat_init() function in block/blk-stat.c. A local user can perform a denial of service (DoS) attack.

69) Improper Initialization (CVE-ID: CVE-2024-35960)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the add_rule_fg() function in drivers/net/ethernet/mellanox/mlx5/core/fs_core.c. A local user can perform a denial of service (DoS) attack.

70) Memory leak (CVE-ID: CVE-2024-35978)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the hci_req_sync_complete() function in net/bluetooth/hci_request.c. A local user can perform a denial of service (DoS) attack.

71) Buffer overflow (CVE-ID: CVE-2024-35995)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the show_cppc_data(), acpi_cppc_processor_probe(), cpc_read() and cpc_write() functions in drivers/acpi/cppc_acpi.c. A local user can perform a denial of service (DoS) attack.

72) Resource management error (CVE-ID: CVE-2024-36004)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the i40e_init_module() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.

73) Unchecked Return Value (CVE-ID: CVE-2024-36015)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an unchecked return value within the register_device() function in drivers/char/ppdev.c. A local user can perform a denial of service (DoS) attack.

74) Double Free (CVE-ID: CVE-2024-36940)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the pinctrl_enable() function in drivers/pinctrl/core.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1692

Vulnerable Software

openEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2406.1.0.0279
kernel-debuginfo: before 4.19.90-2406.1.0.0279
perf: before 4.19.90-2406.1.0.0279
perf-debuginfo: before 4.19.90-2406.1.0.0279
kernel-tools-devel: before 4.19.90-2406.1.0.0279
bpftool-debuginfo: before 4.19.90-2406.1.0.0279
kernel-debugsource: before 4.19.90-2406.1.0.0279
python3-perf: before 4.19.90-2406.1.0.0279
kernel-source: before 4.19.90-2406.1.0.0279
bpftool: before 4.19.90-2406.1.0.0279
kernel-devel: before 4.19.90-2406.1.0.0279
kernel-tools: before 4.19.90-2406.1.0.0279
python2-perf-debuginfo: before 4.19.90-2406.1.0.0279
kernel-tools-debuginfo: before 4.19.90-2406.1.0.0279
python2-perf: before 4.19.90-2406.1.0.0279
kernel: before 4.19.90-2406.1.0.0279

SB2024062808 - openEuler 20.03 LTS SP4 update for kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human