RHSA-2024:5102
Vulnerability from csaf_redhat
Published
2024-08-08 04:44
Modified
2025-02-19 02:02
Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)
* kernel: tracing: Restructure trace_clock_global() to never block (CVE-2021-46939)
* kernel: ext4: avoid online resizing failures due to oversized flex bg (CVE-2023-52622)
* kernel: net/sched: flower: Fix chain template offload (CVE-2024-26669)
* kernel: stmmac: Clear variable when destroying workqueue (CVE-2024-26802)
* kernel: efi: runtime: Fix potential overflow of soft-reserved region size (CVE-2024-26843)
* kernel: quota: Fix potential NULL pointer dereference (CVE-2024-26878)
* kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)
* kernel: SUNRPC: fix a memleak in gss_import_v2_context (CVE-2023-52653)
* kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application (CVE-2024-21823)
* kernel: ext4: fix corruption during on-line resize (CVE-2024-35807)
* kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (CVE-2024-35801)
* kernel: dyndbg: fix old BUG_ON in >control parser (CVE-2024-35947)
* kernel: net/sched: act_skbmod: prevent kernel-infoleak (CVE-2024-35893)
* kernel: x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (CVE-2024-35876)
* kernel: platform/x86: wmi: Fix opening of char device (CVE-2023-52864)
* kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (CVE-2023-52845)
* kernel: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (CVE-2023-52658)
* kernel: crash due to a missing check for leb_size (CVE-2024-25739)
* kernel: tcp: make sure init the accept_queue's spinlocks once (CVE-2024-26614)
* kernel: tcp: add sanity checks to rx zerocopy (CVE-2024-26640)
* kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (CVE-2024-26870)
* kernel: nfs: fix UAF in direct writes (CVE-2024-26958)
* kernel: SUNRPC: fix some memleaks in gssx_dec_option_array (CVE-2024-27388)
* kernel: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK (CVE-2024-27434)
* kernel: of: Fix double free in of_parse_phandle_with_args_map (CVE-2023-52679)
* kernel: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (CVE-2024-35930)
* kernel: wifi: iwlwifi: mvm: rfi: fix potential response leaks (CVE-2024-35912)
* kernel: block: prevent division by zero in blk_rq_stat_sum() (CVE-2024-35925)
* kernel: wifi: ath11k: decrease MHI channel buffer length to 8KB (CVE-2024-35938)
* kernel: wifi: cfg80211: check A-MSDU format more carefully (CVE-2024-35937)
* kernel: wifi: rtw89: fix null pointer access when abort scan (CVE-2024-35946)
* kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)
* kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000)
* kernel: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage (CVE-2024-36006)
* kernel: net: ieee802154: fix null deref in parse dev addr (CVE-2021-47257)
* kernel: mmc: sdio: fix possible resource leaks in some error paths (CVE-2023-52730)
* kernel: wifi: ath11k: fix gtk offload status event locking (CVE-2023-52777)
* (CVE-2023-52832)
* (CVE-2023-52803)
* (CVE-2023-52756)
* (CVE-2023-52834)
* (CVE-2023-52791)
* (CVE-2023-52764)
* (CVE-2021-47468)
* (CVE-2021-47284)
* (CVE-2024-36025)
* (CVE-2024-36941)
* (CVE-2024-36940)
* (CVE-2024-36904)
* (CVE-2024-36896)
* (CVE-2024-36954)
* (CVE-2024-36950)
* (CVE-2024-38575)
* (CVE-2024-36917)
* (CVE-2024-36016)
* (CVE-2023-52762)
* (CVE-2024-27025)
* (CVE-2021-47548)
* (CVE-2023-52619)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)\n\n* kernel: tracing: Restructure trace_clock_global() to never block (CVE-2021-46939)\n\n* kernel: ext4: avoid online resizing failures due to oversized flex bg (CVE-2023-52622)\n\n* kernel: net/sched: flower: Fix chain template offload (CVE-2024-26669)\n\n* kernel: stmmac: Clear variable when destroying workqueue (CVE-2024-26802)\n\n* kernel: efi: runtime: Fix potential overflow of soft-reserved region size (CVE-2024-26843)\n\n* kernel: quota: Fix potential NULL pointer dereference (CVE-2024-26878)\n\n* kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)\n\n* kernel: SUNRPC: fix a memleak in gss_import_v2_context (CVE-2023-52653)\n\n* kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application (CVE-2024-21823)\n\n* kernel: ext4: fix corruption during on-line resize (CVE-2024-35807)\n\n* kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (CVE-2024-35801)\n\n* kernel: dyndbg: fix old BUG_ON in >control parser (CVE-2024-35947)\n\n* kernel: net/sched: act_skbmod: prevent kernel-infoleak (CVE-2024-35893)\n\n* kernel: x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (CVE-2024-35876)\n\n* kernel: platform/x86: wmi: Fix opening of char device (CVE-2023-52864)\n\n* kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (CVE-2023-52845)\n\n* kernel: Revert \"net/mlx5: Block entering switchdev mode with ns inconsistency\" (CVE-2023-52658)\n\n* kernel: crash due to a missing check for leb_size (CVE-2024-25739)\n\n* kernel: tcp: make sure init the accept_queue's spinlocks once (CVE-2024-26614)\n\n* kernel: tcp: add sanity checks to rx zerocopy (CVE-2024-26640)\n\n* kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (CVE-2024-26870)\n\n* kernel: nfs: fix UAF in direct writes (CVE-2024-26958)\n\n* kernel: SUNRPC: fix some memleaks in gssx_dec_option_array (CVE-2024-27388)\n\n* kernel: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK (CVE-2024-27434)\n\n* kernel: of: Fix double free in of_parse_phandle_with_args_map (CVE-2023-52679)\n\n* kernel: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (CVE-2024-35930)\n\n* kernel: wifi: iwlwifi: mvm: rfi: fix potential response leaks (CVE-2024-35912)\n\n* kernel: block: prevent division by zero in blk_rq_stat_sum() (CVE-2024-35925)\n\n* kernel: wifi: ath11k: decrease MHI channel buffer length to 8KB (CVE-2024-35938)\n\n* kernel: wifi: cfg80211: check A-MSDU format more carefully (CVE-2024-35937)\n\n* kernel: wifi: rtw89: fix null pointer access when abort scan (CVE-2024-35946)\n\n* kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)\n\n* kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000)\n\n* kernel: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage (CVE-2024-36006)\n\n* kernel: net: ieee802154: fix null deref in parse dev addr (CVE-2021-47257)\n\n* kernel: mmc: sdio: fix possible resource leaks in some error paths (CVE-2023-52730)\n\n* kernel: wifi: ath11k: fix gtk offload status event locking (CVE-2023-52777)\n\n* (CVE-2023-52832)\n* (CVE-2023-52803)\n* (CVE-2023-52756)\n* (CVE-2023-52834)\n* (CVE-2023-52791)\n* (CVE-2023-52764)\n* (CVE-2021-47468)\n* (CVE-2021-47284)\n* (CVE-2024-36025)\n* (CVE-2024-36941)\n* (CVE-2024-36940)\n* (CVE-2024-36904)\n* (CVE-2024-36896)\n* (CVE-2024-36954)\n* (CVE-2024-36950)\n* (CVE-2024-38575)\n* (CVE-2024-36917)\n* (CVE-2024-36016)\n* (CVE-2023-52762)\n* (CVE-2024-27025)\n* (CVE-2021-47548)\n* (CVE-2023-52619)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:5102", url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2263879", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2263879", }, { category: "external", summary: "2265645", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265645", }, { category: "external", summary: "2265797", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265797", }, { category: "external", summary: "2266341", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2266341", }, { category: "external", summary: "2266347", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2266347", }, { category: "external", summary: "2266497", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2266497", }, { category: "external", summary: "2267787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267787", }, { category: "external", summary: "2268118", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268118", }, { category: "external", summary: "2269070", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2269070", }, { category: "external", summary: "2269211", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2269211", }, { category: "external", summary: "2270084", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270084", }, { category: "external", summary: "2270100", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270100", }, { category: "external", summary: "2271686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2271686", }, { category: "external", summary: "2271688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2271688", }, { category: "external", summary: "2272782", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272782", }, { category: "external", summary: "2272795", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272795", }, { category: "external", summary: "2273109", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273109", }, { category: "external", summary: "2273174", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273174", }, { category: "external", summary: "2273236", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273236", }, { category: "external", summary: "2273242", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273242", }, { category: "external", summary: "2273247", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273247", }, { category: "external", summary: "2273268", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273268", }, { category: "external", summary: "2273427", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273427", }, { category: "external", summary: "2273654", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273654", }, { category: "external", summary: "2275565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275565", }, { category: "external", summary: "2275573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275573", }, { category: "external", summary: "2275580", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275580", }, { category: "external", summary: "2275694", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275694", }, { category: "external", summary: "2275711", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275711", }, { category: "external", summary: "2275748", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275748", }, { category: "external", summary: "2275761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275761", }, { category: "external", summary: "2275928", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275928", }, { category: "external", summary: "2277166", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2277166", }, { category: "external", summary: "2277238", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2277238", }, { category: "external", summary: "2277840", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2277840", }, { category: "external", summary: "2278176", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278176", }, { category: "external", summary: "2278178", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278178", }, { category: "external", summary: "2278182", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278182", }, { category: "external", summary: "2278218", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278218", }, { category: "external", summary: "2278256", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278256", }, { category: "external", summary: "2278258", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278258", }, { category: "external", summary: "2278277", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278277", }, { category: "external", summary: "2278279", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278279", }, { category: "external", summary: "2278380", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278380", }, { category: "external", summary: "2278484", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278484", }, { category: "external", summary: "2278515", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278515", }, { category: "external", summary: "2278535", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278535", }, { category: "external", summary: "2278539", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278539", }, { category: "external", summary: "2278989", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278989", }, { category: "external", summary: "2280440", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2280440", }, { category: "external", summary: "2281054", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281054", }, { category: "external", summary: "2281133", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281133", }, { category: "external", summary: "2281149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281149", }, { category: "external", summary: "2281207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281207", }, { category: "external", summary: "2281215", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281215", }, { category: "external", summary: "2281221", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281221", }, { category: "external", summary: "2281235", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281235", }, { category: "external", summary: "2281268", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281268", }, { category: "external", summary: "2281326", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281326", }, { category: "external", summary: "2281360", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281360", }, { category: "external", summary: "2281510", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281510", }, { category: "external", summary: "2281519", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281519", }, { category: "external", summary: "2281636", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281636", }, { category: "external", summary: "2281641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281641", }, { category: "external", summary: "2281664", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281664", }, { category: "external", summary: "2281667", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281667", }, { category: "external", summary: "2281672", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281672", }, { category: "external", summary: "2281675", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281675", }, { category: "external", summary: "2281682", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281682", }, { category: "external", summary: "2281725", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281725", }, { category: "external", summary: "2281752", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281752", }, { category: "external", summary: "2281758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281758", }, { category: "external", summary: "2281819", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281819", }, { category: "external", summary: "2281821", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281821", }, { category: "external", summary: "2281833", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281833", }, { category: "external", summary: "2281938", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281938", }, { category: "external", summary: "2281949", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281949", }, { category: "external", summary: "2281968", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281968", }, { category: "external", summary: "2281989", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281989", }, { category: "external", summary: "2282328", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282328", }, { category: "external", summary: "2282373", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282373", }, { category: "external", summary: "2282479", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282479", }, { category: "external", summary: "2282553", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282553", }, { category: "external", summary: "2282615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282615", }, { category: "external", summary: "2282623", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282623", }, { category: "external", summary: "2282640", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282640", }, { category: "external", summary: "2282642", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282642", }, { category: "external", summary: "2282645", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282645", }, { category: "external", summary: "2282717", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282717", }, { category: "external", summary: "2282719", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282719", }, { category: "external", summary: "2282727", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282727", }, { category: "external", summary: "2282742", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282742", }, { category: "external", summary: "2282743", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282743", }, { category: "external", summary: "2282744", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282744", }, { category: "external", summary: "2282759", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282759", }, { category: "external", summary: "2282763", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282763", }, { category: "external", summary: "2282766", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282766", }, { category: "external", summary: "2282772", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282772", }, { category: "external", summary: "2282780", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282780", }, { category: "external", summary: "2282887", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282887", }, { category: "external", summary: "2282896", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282896", }, { category: "external", summary: "2282923", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282923", }, { category: "external", summary: "2282925", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282925", }, { category: "external", summary: "2282950", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282950", }, { category: "external", summary: "2283401", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283401", }, { category: "external", summary: "2283894", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283894", }, { category: "external", summary: "2284400", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284400", }, { category: "external", summary: "2284417", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284417", }, { category: "external", summary: "2284421", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284421", }, { category: "external", summary: "2284474", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284474", }, { category: "external", summary: "2284477", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284477", }, { category: "external", summary: "2284488", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284488", }, { category: "external", summary: "2284496", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284496", }, { category: "external", summary: "2284500", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284500", }, { category: "external", summary: "2284513", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284513", }, { category: "external", summary: "2284519", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284519", }, { category: "external", summary: "2284539", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284539", }, { category: "external", summary: "2284541", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284541", }, { category: "external", summary: "2284556", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284556", }, { category: "external", summary: "2284571", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284571", }, { category: "external", summary: "2284590", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284590", }, { category: "external", summary: "2284625", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284625", }, { category: "external", summary: "2290408", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2290408", }, { category: "external", summary: "2292331", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292331", }, { category: "external", summary: "2293078", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293078", }, { category: "external", summary: "2293250", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293250", }, { category: "external", summary: "2293276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293276", }, { category: "external", summary: "2293312", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293312", }, { category: "external", summary: "2293316", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293316", }, { category: "external", summary: "2293348", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293348", }, { category: "external", summary: "2293371", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293371", }, { category: "external", summary: "2293383", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293383", }, { category: "external", summary: "2293418", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293418", }, { category: "external", summary: "2293420", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293420", }, { category: "external", summary: "2293444", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293444", }, { category: "external", summary: "2293461", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293461", }, { category: "external", summary: "2293653", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293653", }, { category: "external", summary: "2293657", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293657", }, { category: "external", summary: "2293684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293684", }, { category: "external", summary: "2293687", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293687", }, { category: "external", summary: "2293700", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293700", }, { category: "external", summary: "2293711", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293711", }, { category: "external", summary: "2294274", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294274", }, { category: "external", summary: "2295914", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295914", }, { category: "external", summary: "2296067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2296067", }, { category: "external", summary: "2297056", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297056", }, { category: "external", summary: "2297474", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297474", }, { category: "external", summary: "2297511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297511", }, { category: "external", summary: "2298108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298108", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5102.json", }, ], title: "Red Hat Security Advisory: kernel-rt security update", tracking: { current_release_date: "2025-02-19T02:02:35+00:00", generator: { date: "2025-02-19T02:02:35+00:00", engine: { name: "Red Hat SDEngine", version: "4.3.1", }, }, id: "RHSA-2024:5102", initial_release_date: "2024-08-08T04:44:11+00:00", revision_history: [ { date: "2024-08-08T04:44:11+00:00", number: "1", summary: "Initial version", }, { date: "2024-08-08T04:44:11+00:00", number: "2", summary: "Last updated version", }, { date: "2025-02-19T02:02:35+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux NFV (v. 8)", product: { name: "Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::nfv", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux RT (v. 8)", product: { name: "Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::realtime", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", product: { name: "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", product_id: "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt@4.18.0-553.16.1.rt7.357.el8_10?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product: { name: "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_id: "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product: { name: "kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_id: "kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-core@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product: { name: "kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_id: "kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debug@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product: { name: "kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_id: "kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product: { name: "kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_id: "kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product: { name: "kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_id: "kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product: { name: "kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_id: "kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product: { name: "kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_id: "kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product: { name: "kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_id: "kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-devel@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product: { name: "kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_id: "kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product: { name: "kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_id: "kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-modules@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product: { name: "kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_id: "kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product: { name: "kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_id: "kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product: { name: "kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_id: "kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product: { name: "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_id: "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", }, product_reference: "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", }, product_reference: "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", }, product_reference: "kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2021-46939", cwe: { id: "CWE-833", name: "Deadlock", }, discovery_date: "2024-02-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2266497", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Restructure trace_clock_global() to never block\n\nIt was reported that a fix to the ring buffer recursion detection would\ncause a hung machine when performing suspend / resume testing. The\nfollowing backtrace was extracted from debugging that case:\n\nCall Trace:\n trace_clock_global+0x91/0xa0\n __rb_reserve_next+0x237/0x460\n ring_buffer_lock_reserve+0x12a/0x3f0\n trace_buffer_lock_reserve+0x10/0x50\n __trace_graph_return+0x1f/0x80\n trace_graph_return+0xb7/0xf0\n ? trace_clock_global+0x91/0xa0\n ftrace_return_to_handler+0x8b/0xf0\n ? pv_hash+0xa0/0xa0\n return_to_handler+0x15/0x30\n ? ftrace_graph_caller+0xa0/0xa0\n ? trace_clock_global+0x91/0xa0\n ? __rb_reserve_next+0x237/0x460\n ? ring_buffer_lock_reserve+0x12a/0x3f0\n ? trace_event_buffer_lock_reserve+0x3c/0x120\n ? trace_event_buffer_reserve+0x6b/0xc0\n ? trace_event_raw_event_device_pm_callback_start+0x125/0x2d0\n ? dpm_run_callback+0x3b/0xc0\n ? pm_ops_is_empty+0x50/0x50\n ? platform_get_irq_byname_optional+0x90/0x90\n ? trace_device_pm_callback_start+0x82/0xd0\n ? dpm_run_callback+0x49/0xc0\n\nWith the following RIP:\n\nRIP: 0010:native_queued_spin_lock_slowpath+0x69/0x200\n\nSince the fix to the recursion detection would allow a single recursion to\nhappen while tracing, this lead to the trace_clock_global() taking a spin\nlock and then trying to take it again:\n\nring_buffer_lock_reserve() {\n trace_clock_global() {\n arch_spin_lock() {\n queued_spin_lock_slowpath() {\n /* lock taken */\n (something else gets traced by function graph tracer)\n ring_buffer_lock_reserve() {\n trace_clock_global() {\n arch_spin_lock() {\n queued_spin_lock_slowpath() {\n /* DEAD LOCK! */\n\nTracing should *never* block, as it can lead to strange lockups like the\nabove.\n\nRestructure the trace_clock_global() code to instead of simply taking a\nlock to update the recorded \"prev_time\" simply use it, as two events\nhappening on two different CPUs that calls this at the same time, really\ndoesn't matter which one goes first. Use a trylock to grab the lock for\nupdating the prev_time, and if it fails, simply try again the next time.\nIf it failed to be taken, that means something else is already updating\nit.\n\n\nBugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=212761", title: "Vulnerability description", }, { category: "summary", text: "kernel: tracing: Restructure trace_clock_global() to never block", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-46939", }, { category: "external", summary: "RHBZ#2266497", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2266497", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-46939", url: "https://www.cve.org/CVERecord?id=CVE-2021-46939", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-46939", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-46939", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/20240227184057.2368370-4-gregkh@linuxfoundation.org/T/#u", url: "https://lore.kernel.org/linux-cve-announce/20240227184057.2368370-4-gregkh@linuxfoundation.org/T/#u", }, ], release_date: "2024-02-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: tracing: Restructure trace_clock_global() to never block", }, { cve: "CVE-2021-47257", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282553", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: fix null deref in parse dev addr\n\nFix a logic error that could result in a null deref if the user sets\nthe mode incorrectly for the given addr type.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net: ieee802154: fix null deref in parse dev addr", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47257", }, { category: "external", summary: "RHBZ#2282553", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282553", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47257", url: "https://www.cve.org/CVERecord?id=CVE-2021-47257", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47257", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47257", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2021-47257-1d1c@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2021-47257-1d1c@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: net: ieee802154: fix null deref in parse dev addr", }, { cve: "CVE-2021-47284", cwe: { id: "CWE-590", name: "Free of Memory not on the Heap", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282923", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nisdn: mISDN: netjet: Fix crash in nj_probe:\n\n'nj_setup' in netjet.c might fail with -EIO and in this case\n'card->irq' is initialized and is bigger than zero. A subsequent call to\n'nj_release' will free the irq that has not been requested.\n\nFix this bug by deleting the previous assignment to 'card->irq' and just\nkeep the assignment before 'request_irq'.\n\nThe KASAN's log reveals it:\n\n[ 3.354615 ] WARNING: CPU: 0 PID: 1 at kernel/irq/manage.c:1826\nfree_irq+0x100/0x480\n[ 3.355112 ] Modules linked in:\n[ 3.355310 ] CPU: 0 PID: 1 Comm: swapper/0 Not tainted\n5.13.0-rc1-00144-g25a1298726e #13\n[ 3.355816 ] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\nrel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[ 3.356552 ] RIP: 0010:free_irq+0x100/0x480\n[ 3.356820 ] Code: 6e 08 74 6f 4d 89 f4 e8 5e ac 09 00 4d 8b 74 24 18\n4d 85 f6 75 e3 e8 4f ac 09 00 8b 75 c8 48 c7 c7 78 c1 2e 85 e8 e0 cf f5\nff <0f> 0b 48 8b 75 c0 4c 89 ff e8 72 33 0b 03 48 8b 43 40 4c 8b a0 80\n[ 3.358012 ] RSP: 0000:ffffc90000017b48 EFLAGS: 00010082\n[ 3.358357 ] RAX: 0000000000000000 RBX: ffff888104dc8000 RCX:\n0000000000000000\n[ 3.358814 ] RDX: ffff8881003c8000 RSI: ffffffff8124a9e6 RDI:\n00000000ffffffff\n[ 3.359272 ] RBP: ffffc90000017b88 R08: 0000000000000000 R09:\n0000000000000000\n[ 3.359732 ] R10: ffffc900000179f0 R11: 0000000000001d04 R12:\n0000000000000000\n[ 3.360195 ] R13: ffff888107dc6000 R14: ffff888107dc6928 R15:\nffff888104dc80a8\n[ 3.360652 ] FS: 0000000000000000(0000) GS:ffff88817bc00000(0000)\nknlGS:0000000000000000\n[ 3.361170 ] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 3.361538 ] CR2: 0000000000000000 CR3: 000000000582e000 CR4:\n00000000000006f0\n[ 3.362003 ] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[ 3.362175 ] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[ 3.362175 ] Call Trace:\n[ 3.362175 ] nj_release+0x51/0x1e0\n[ 3.362175 ] nj_probe+0x450/0x950\n[ 3.362175 ] ? pci_device_remove+0x110/0x110\n[ 3.362175 ] local_pci_probe+0x45/0xa0\n[ 3.362175 ] pci_device_probe+0x12b/0x1d0\n[ 3.362175 ] really_probe+0x2a9/0x610\n[ 3.362175 ] driver_probe_device+0x90/0x1d0\n[ 3.362175 ] ? mutex_lock_nested+0x1b/0x20\n[ 3.362175 ] device_driver_attach+0x68/0x70\n[ 3.362175 ] __driver_attach+0x124/0x1b0\n[ 3.362175 ] ? device_driver_attach+0x70/0x70\n[ 3.362175 ] bus_for_each_dev+0xbb/0x110\n[ 3.362175 ] ? rdinit_setup+0x45/0x45\n[ 3.362175 ] driver_attach+0x27/0x30\n[ 3.362175 ] bus_add_driver+0x1eb/0x2a0\n[ 3.362175 ] driver_register+0xa9/0x180\n[ 3.362175 ] __pci_register_driver+0x82/0x90\n[ 3.362175 ] ? w6692_init+0x38/0x38\n[ 3.362175 ] nj_init+0x36/0x38\n[ 3.362175 ] do_one_initcall+0x7f/0x3d0\n[ 3.362175 ] ? rdinit_setup+0x45/0x45\n[ 3.362175 ] ? rcu_read_lock_sched_held+0x4f/0x80\n[ 3.362175 ] kernel_init_freeable+0x2aa/0x301\n[ 3.362175 ] ? rest_init+0x2c0/0x2c0\n[ 3.362175 ] kernel_init+0x18/0x190\n[ 3.362175 ] ? rest_init+0x2c0/0x2c0\n[ 3.362175 ] ? rest_init+0x2c0/0x2c0\n[ 3.362175 ] ret_from_fork+0x1f/0x30\n[ 3.362175 ] Kernel panic - not syncing: panic_on_warn set ...\n[ 3.362175 ] CPU: 0 PID: 1 Comm: swapper/0 Not tainted\n5.13.0-rc1-00144-g25a1298726e #13\n[ 3.362175 ] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\nrel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[ 3.362175 ] Call Trace:\n[ 3.362175 ] dump_stack+0xba/0xf5\n[ 3.362175 ] ? free_irq+0x100/0x480\n[ 3.362175 ] panic+0x15a/0x3f2\n[ 3.362175 ] ? __warn+0xf2/0x150\n[ 3.362175 ] ? free_irq+0x100/0x480\n[ 3.362175 ] __warn+0x108/0x150\n[ 3.362175 ] ? free_irq+0x100/0x480\n[ 3.362175 ] report_bug+0x119/0x1c0\n[ 3.362175 ] handle_bug+0x3b/0x80\n[ 3.362175 ] exc_invalid_op+0x18/0x70\n[ 3.362175 ] asm_exc_invalid_op+0x12/0x20\n[ 3.362175 ] RIP: 0010:free_irq+0x100\n---truncated---", title: "Vulnerability description", }, { category: "summary", text: "kernel: isdn: mISDN: netjet: Fix crash in nj_probe", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47284", }, { category: "external", summary: "RHBZ#2282923", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282923", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47284", url: "https://www.cve.org/CVERecord?id=CVE-2021-47284", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47284", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47284", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2021-47284-c8f5@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2021-47284-c8f5@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: isdn: mISDN: netjet: Fix crash in nj_probe", }, { cve: "CVE-2021-47304", cwe: { id: "CWE-402", name: "Transmission of Private Resources into a New Sphere ('Resource Leak')", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282479", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix tcp_init_transfer() to not reset icsk_ca_initialized\n\nThis commit fixes a bug (found by syzkaller) that could cause spurious\ndouble-initializations for congestion control modules, which could cause\nmemory leaks or other problems for congestion control modules (like CDG)\nthat allocate memory in their init functions.\n\nThe buggy scenario constructed by syzkaller was something like:\n\n(1) create a TCP socket\n(2) initiate a TFO connect via sendto()\n(3) while socket is in TCP_SYN_SENT, call setsockopt(TCP_CONGESTION),\n which calls:\n tcp_set_congestion_control() ->\n tcp_reinit_congestion_control() ->\n tcp_init_congestion_control()\n(4) receive ACK, connection is established, call tcp_init_transfer(),\n set icsk_ca_initialized=0 (without first calling cc->release()),\n call tcp_init_congestion_control() again.\n\nNote that in this sequence tcp_init_congestion_control() is called\ntwice without a cc->release() call in between. Thus, for CC modules\nthat allocate memory in their init() function, e.g, CDG, a memory leak\nmay occur. The syzkaller tool managed to find a reproducer that\ntriggered such a leak in CDG.\n\nThe bug was introduced when that commit 8919a9b31eb4 (\"tcp: Only init\ncongestion control if not initialized already\")\nintroduced icsk_ca_initialized and set icsk_ca_initialized to 0 in\ntcp_init_transfer(), missing the possibility for a sequence like the\none above, where a process could call setsockopt(TCP_CONGESTION) in\nstate TCP_SYN_SENT (i.e. after the connect() or TFO open sendmsg()),\nwhich would call tcp_init_congestion_control(). It did not intend to\nreset any initialization that the user had already explicitly made;\nit just missed the possibility of that particular sequence (which\nsyzkaller managed to find).", title: "Vulnerability description", }, { category: "summary", text: "kernel: tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47304", }, { category: "external", summary: "RHBZ#2282479", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282479", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47304", url: "https://www.cve.org/CVERecord?id=CVE-2021-47304", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47304", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47304", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052126-CVE-2021-47304-fc16@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052126-CVE-2021-47304-fc16@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized", }, { cve: "CVE-2021-47373", cwe: { id: "CWE-402", name: "Transmission of Private Resources into a New Sphere ('Resource Leak')", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282373", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v3-its: Fix potential VPE leak on error\n\nIn its_vpe_irq_domain_alloc, when its_vpe_init() returns an error,\nthere is an off-by-one in the number of VPEs to be freed.\n\nFix it by simply passing the number of VPEs allocated, which is the\nindex of the loop iterating over the VPEs.\n\n[maz: fixed commit message]", title: "Vulnerability description", }, { category: "summary", text: "kernel: irqchip/gic-v3-its: Fix potential VPE leak on error", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47373", }, { category: "external", summary: "RHBZ#2282373", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282373", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47373", url: "https://www.cve.org/CVERecord?id=CVE-2021-47373", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47373", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47373", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: irqchip/gic-v3-its: Fix potential VPE leak on error", }, { cve: "CVE-2021-47408", cwe: { id: "CWE-667", name: "Improper Locking", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282328", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Linux kernel’s netfilter and conntrack module, occurring during the resizing and cleanup of hash tables used for connection tracking. The kernel's nf_ct_iterate_cleanup() function fails to efficiently handle simultaneous hash resizes and cleanups, leading to prolonged delays lead to unresponsive system behavior.", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: conntrack: serialize hash resizes and cleanups", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as a moderate severity because it impacts on system availability rather than data security, affects system performance and responsiveness, particularly during cleanup operations under high load conditions", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47408", }, { category: "external", summary: "RHBZ#2282328", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282328", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47408", url: "https://www.cve.org/CVERecord?id=CVE-2021-47408", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47408", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47408", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2021-47408-ad88@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2021-47408-ad88@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: netfilter: conntrack: serialize hash resizes and cleanups", }, { cve: "CVE-2021-47461", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, discovery_date: "2024-05-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282896", }, ], notes: [ { category: "description", text: "A possible race condition flaw was found in the Linux kernel. When a process exits, its virtual memory areas (VMAs) are removed by exit_mmap(), and at the same time, userfaultfd_writeprotect() is called.", title: "Vulnerability description", }, { category: "summary", text: "kernel: userfaultfd: fix a race between writeprotect and exit_mmap()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47461", }, { category: "external", summary: "RHBZ#2282896", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282896", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47461", url: "https://www.cve.org/CVERecord?id=CVE-2021-47461", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47461", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47461", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052225-CVE-2021-47461-a472@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052225-CVE-2021-47461-a472@gregkh/T", }, ], release_date: "2024-05-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: userfaultfd: fix a race between writeprotect and exit_mmap()", }, { cve: "CVE-2021-47468", cwe: { id: "CWE-99", name: "Improper Control of Resource Identifiers ('Resource Injection')", }, discovery_date: "2024-05-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282887", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nisdn: mISDN: Fix sleeping function called from invalid context\n\nThe driver can call card->isac.release() function from an atomic\ncontext.\n\nFix this by calling this function after releasing the lock.\n\nThe following log reveals it:\n\n[ 44.168226 ] BUG: sleeping function called from invalid context at kernel/workqueue.c:3018\n[ 44.168941 ] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5475, name: modprobe\n[ 44.169574 ] INFO: lockdep is turned off.\n[ 44.169899 ] irq event stamp: 0\n[ 44.170160 ] hardirqs last enabled at (0): [<0000000000000000>] 0x0\n[ 44.170627 ] hardirqs last disabled at (0): [<ffffffff814209ed>] copy_process+0x132d/0x3e00\n[ 44.171240 ] softirqs last enabled at (0): [<ffffffff81420a1a>] copy_process+0x135a/0x3e00\n[ 44.171852 ] softirqs last disabled at (0): [<0000000000000000>] 0x0\n[ 44.172318 ] Preemption disabled at:\n[ 44.172320 ] [<ffffffffa009b0a9>] nj_release+0x69/0x500 [netjet]\n[ 44.174441 ] Call Trace:\n[ 44.174630 ] dump_stack_lvl+0xa8/0xd1\n[ 44.174912 ] dump_stack+0x15/0x17\n[ 44.175166 ] ___might_sleep+0x3a2/0x510\n[ 44.175459 ] ? nj_release+0x69/0x500 [netjet]\n[ 44.175791 ] __might_sleep+0x82/0xe0\n[ 44.176063 ] ? start_flush_work+0x20/0x7b0\n[ 44.176375 ] start_flush_work+0x33/0x7b0\n[ 44.176672 ] ? trace_irq_enable_rcuidle+0x85/0x170\n[ 44.177034 ] ? kasan_quarantine_put+0xaa/0x1f0\n[ 44.177372 ] ? kasan_quarantine_put+0xaa/0x1f0\n[ 44.177711 ] __flush_work+0x11a/0x1a0\n[ 44.177991 ] ? flush_work+0x20/0x20\n[ 44.178257 ] ? lock_release+0x13c/0x8f0\n[ 44.178550 ] ? __kasan_check_write+0x14/0x20\n[ 44.178872 ] ? do_raw_spin_lock+0x148/0x360\n[ 44.179187 ] ? read_lock_is_recursive+0x20/0x20\n[ 44.179530 ] ? __kasan_check_read+0x11/0x20\n[ 44.179846 ] ? do_raw_spin_unlock+0x55/0x900\n[ 44.180168 ] ? ____kasan_slab_free+0x116/0x140\n[ 44.180505 ] ? _raw_spin_unlock_irqrestore+0x41/0x60\n[ 44.180878 ] ? skb_queue_purge+0x1a3/0x1c0\n[ 44.181189 ] ? kfree+0x13e/0x290\n[ 44.181438 ] flush_work+0x17/0x20\n[ 44.181695 ] mISDN_freedchannel+0xe8/0x100\n[ 44.182006 ] isac_release+0x210/0x260 [mISDNipac]\n[ 44.182366 ] nj_release+0xf6/0x500 [netjet]\n[ 44.182685 ] nj_remove+0x48/0x70 [netjet]\n[ 44.182989 ] pci_device_remove+0xa9/0x250", title: "Vulnerability description", }, { category: "summary", text: "kernel: isdn: mISDN: Fix sleeping function called from invalid context", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47468", }, { category: "external", summary: "RHBZ#2282887", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282887", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47468", url: "https://www.cve.org/CVERecord?id=CVE-2021-47468", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47468", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47468", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052227-CVE-2021-47468-6c1b@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052227-CVE-2021-47468-6c1b@gregkh/T", }, ], release_date: "2024-05-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: isdn: mISDN: Fix sleeping function called from invalid context", }, { cve: "CVE-2021-47491", cwe: { id: "CWE-664", name: "Improper Control of a Resource Through its Lifetime", }, discovery_date: "2024-05-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282925", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: khugepaged: skip huge page collapse for special files\n\nThe read-only THP for filesystems will collapse THP for files opened\nreadonly and mapped with VM_EXEC. The intended usecase is to avoid TLB\nmisses for large text segments. But it doesn't restrict the file types\nso a THP could be collapsed for a non-regular file, for example, block\ndevice, if it is opened readonly and mapped with EXEC permission. This\nmay cause bugs, like [1] and [2].\n\nThis is definitely not the intended usecase, so just collapse THP for\nregular files in order to close the attack surface.\n\n[shy828301@gmail.com: fix vm_file check [3]]", title: "Vulnerability description", }, { category: "summary", text: "kernel: mm: khugepaged: skip huge page collapse for special files", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47491", }, { category: "external", summary: "RHBZ#2282925", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282925", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47491", url: "https://www.cve.org/CVERecord?id=CVE-2021-47491", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47491", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47491", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052241-CVE-2021-47491-437d@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052241-CVE-2021-47491-437d@gregkh/T", }, ], release_date: "2024-05-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: mm: khugepaged: skip huge page collapse for special files", }, { cve: "CVE-2021-47548", cwe: { id: "CWE-129", name: "Improper Validation of Array Index", }, discovery_date: "2024-05-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2283401", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()\n\nThe if statement:\n if (port >= DSAF_GE_NUM)\n return;\n\nlimits the value of port less than DSAF_GE_NUM (i.e., 8).\nHowever, if the value of port is 6 or 7, an array overflow could occur:\n port_rst_off = dsaf_dev->mac_cb[port]->port_rst_off;\n\nbecause the length of dsaf_dev->mac_cb is DSAF_MAX_PORT_NUM (i.e., 6).\n\nTo fix this possible array overflow, we first check port and if it is\ngreater than or equal to DSAF_MAX_PORT_NUM, the function returns.", title: "Vulnerability description", }, { category: "summary", text: "kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47548", }, { category: "external", summary: "RHBZ#2283401", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283401", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47548", url: "https://www.cve.org/CVERecord?id=CVE-2021-47548", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47548", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47548", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052441-CVE-2021-47548-e9c0@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052441-CVE-2021-47548-e9c0@gregkh/T", }, ], release_date: "2024-05-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()", }, { cve: "CVE-2021-47579", cwe: { id: "CWE-457", name: "Use of Uninitialized Variable", }, discovery_date: "2024-06-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293250", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix warning in ovl_create_real()\n\nSyzbot triggered the following warning in ovl_workdir_create() ->\novl_create_real():\n\n\tif (!err && WARN_ON(!newdentry->d_inode)) {\n\nThe reason is that the cgroup2 filesystem returns from mkdir without\ninstantiating the new dentry.\n\nWeird filesystems such as this will be rejected by overlayfs at a later\nstage during setup, but to prevent such a warning, call ovl_mkdir_real()\ndirectly from ovl_workdir_create() and reject this case early.", title: "Vulnerability description", }, { category: "summary", text: "kernel: ovl: fix warning in ovl_create_real()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47579", }, { category: "external", summary: "RHBZ#2293250", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293250", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47579", url: "https://www.cve.org/CVERecord?id=CVE-2021-47579", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47579", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47579", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024061915-CVE-2021-47579-4f78@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024061915-CVE-2021-47579-4f78@gregkh/T", }, ], release_date: "2024-06-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: ovl: fix warning in ovl_create_real()", }, { cve: "CVE-2021-47624", cwe: { id: "CWE-402", name: "Transmission of Private Resources into a New Sphere ('Resource Leak')", }, discovery_date: "2024-07-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2298108", }, ], notes: [ { category: "description", text: "A memory leak flaw was found in the Linux kernel’s SunRpc filesystem (sysfs). This flaw allows a local user to crash the system.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47624", }, { category: "external", summary: "RHBZ#2298108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2298108", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47624", url: "https://www.cve.org/CVERecord?id=CVE-2021-47624", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47624", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47624", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024071646-CVE-2021-47624-86cd@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024071646-CVE-2021-47624-86cd@gregkh/T", }, ], release_date: "2024-07-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "To mitigate this issue, prevent module sunrpc from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change", }, { cve: "CVE-2022-48632", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2024-04-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2277840", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel. The following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction().", title: "Vulnerability description", }, { category: "summary", text: "kernel: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-48632", }, { category: "external", summary: "RHBZ#2277840", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2277840", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-48632", url: "https://www.cve.org/CVERecord?id=CVE-2022-48632", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-48632", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-48632", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024042854-CVE-2022-48632-465f@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024042854-CVE-2022-48632-465f@gregkh/T", }, ], release_date: "2024-04-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()", }, { cve: "CVE-2022-48743", cwe: { id: "CWE-124", name: "Buffer Underwrite ('Buffer Underflow')", }, discovery_date: "2024-06-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293316", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: amd-xgbe: Fix skb data length underflow\n\nThere will be BUG_ON() triggered in include/linux/skbuff.h leading to\nintermittent kernel panic, when the skb length underflow is detected.\n\nFix this by dropping the packet if such length underflows are seen\nbecause of inconsistencies in the hardware descriptors.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net: amd-xgbe: Fix skb data length underflow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-48743", }, { category: "external", summary: "RHBZ#2293316", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293316", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-48743", url: "https://www.cve.org/CVERecord?id=CVE-2022-48743", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-48743", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-48743", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024062003-CVE-2022-48743-ee30@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024062003-CVE-2022-48743-ee30@gregkh/T", }, ], release_date: "2024-06-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: net: amd-xgbe: Fix skb data length underflow", }, { cve: "CVE-2022-48747", cwe: { id: "CWE-99", name: "Improper Control of Resource Identifiers ('Resource Injection')", }, discovery_date: "2024-06-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293312", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix wrong offset in bio_truncate()\n\nbio_truncate() clears the buffer outside of last block of bdev, however\ncurrent bio_truncate() is using the wrong offset of page. So it can\nreturn the uninitialized data.\n\nThis happened when both of truncated/corrupted FS and userspace (via\nbdev) are trying to read the last of bdev.", title: "Vulnerability description", }, { category: "summary", text: "kernel: block: Fix wrong offset in bio_truncate()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-48747", }, { category: "external", summary: "RHBZ#2293312", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293312", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-48747", url: "https://www.cve.org/CVERecord?id=CVE-2022-48747", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-48747", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-48747", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024062004-CVE-2022-48747-c63f@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024062004-CVE-2022-48747-c63f@gregkh/T", }, ], release_date: "2024-06-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: block: Fix wrong offset in bio_truncate()", }, { cve: "CVE-2022-48757", cwe: { id: "CWE-276", name: "Incorrect Default Permissions", }, discovery_date: "2024-06-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293383", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix information leakage in /proc/net/ptype\n\nIn one net namespace, after creating a packet socket without binding\nit to a device, users in other net namespaces can observe the new\n`packet_type` added by this packet socket by reading `/proc/net/ptype`\nfile. This is minor information leakage as packet socket is\nnamespace aware.\n\nAdd a net pointer in `packet_type` to keep the net namespace of\nof corresponding packet socket. In `ptype_seq_show`, this net pointer\nmust be checked when it is not NULL.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net: fix information leakage in /proc/net/ptype", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-48757", }, { category: "external", summary: "RHBZ#2293383", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293383", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-48757", url: "https://www.cve.org/CVERecord?id=CVE-2022-48757", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-48757", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-48757", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024062007-CVE-2022-48757-c816@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024062007-CVE-2022-48757-c816@gregkh/T", }, ], release_date: "2024-06-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: net: fix information leakage in /proc/net/ptype", }, { cve: "CVE-2023-52463", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-02-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2265797", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel, which involves the improper handling of the efivarfs filesystem when the firmware does not support the SetVariable function at runtime. Specifically, even if efivarfs is initially mounted as read-only (RO), it can be remounted as read-write (RW) without checking if the firmware can handle variable updates. This issue allows operations such as efi-updatevar to be executed, which leads to a crash due to a NULL pointer dereference. This crash occurs because the callback for SetVariable is not assigned, causing a level 0 translation fault.", title: "Vulnerability description", }, { category: "summary", text: "kernel: efivarfs: force RO when remounting if SetVariable is not supported", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is classified as Moderate severity because it requires specific conditions to be exploited: the system must be using a firmware that does not support the SetVariable function at runtime, and an attacker must have the ability to remount the efivarfs filesystem with read-write permissions. While it does not provide direct unauthorized access or code execution, the resulting crash from a NULL pointer dereference can cause denial of service, disrupting normal system operations. The impact is limited to systems with the specified firmware and does not affect systems where the SetVariable function is properly supported, reducing the overall exposure and potential damage.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52463", }, { category: "external", summary: "RHBZ#2265797", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265797", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52463", url: "https://www.cve.org/CVERecord?id=CVE-2023-52463", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52463", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52463", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024022335-CVE-2023-52463-6195@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024022335-CVE-2023-52463-6195@gregkh/T/#u", }, ], release_date: "2024-02-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "No mitigation is currently available for this vulnerability. Make sure to perform the updates as they become available.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: efivarfs: force RO when remounting if SetVariable is not supported", }, { cve: "CVE-2023-52469", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-02-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2266341", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in kv_parse_power_table in drivers/amd/pm in the Linux kernel. When ps equals NULL, kv_parse_power_table frees adev->pm.dpm.ps. The adev->pm.dpm.ps is used in the loop of kv_dpm_fini after its first free in kv_parse_power_table, causing a use-after-free problem.", title: "Vulnerability description", }, { category: "summary", text: "kernel: use-after-free in kv_parse_power_table", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52469", }, { category: "external", summary: "RHBZ#2266341", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2266341", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52469", url: "https://www.cve.org/CVERecord?id=CVE-2023-52469", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52469", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52469", }, { category: "external", summary: "https://git.kernel.org/stable/c/28dd788382c43b330480f57cd34cde0840896743", url: "https://git.kernel.org/stable/c/28dd788382c43b330480f57cd34cde0840896743", }, { category: "external", summary: "https://git.kernel.org/stable/c/3426f059eacc33ecc676b0d66539297e1cfafd02", url: "https://git.kernel.org/stable/c/3426f059eacc33ecc676b0d66539297e1cfafd02", }, { category: "external", summary: "https://git.kernel.org/stable/c/35fa2394d26e919f63600ce631e6aefc95ec2706", url: "https://git.kernel.org/stable/c/35fa2394d26e919f63600ce631e6aefc95ec2706", }, { category: "external", summary: "https://git.kernel.org/stable/c/520e213a0b97b64735a13950e9371e0a5d7a5dc3", url: "https://git.kernel.org/stable/c/520e213a0b97b64735a13950e9371e0a5d7a5dc3", }, { category: "external", summary: "https://git.kernel.org/stable/c/8a27d9d9fc9b5564b8904c3a77a7dea482bfa34e", url: "https://git.kernel.org/stable/c/8a27d9d9fc9b5564b8904c3a77a7dea482bfa34e", }, { category: "external", summary: "https://git.kernel.org/stable/c/8b55b06e737feb2a645b0293ea27e38418876d63", url: "https://git.kernel.org/stable/c/8b55b06e737feb2a645b0293ea27e38418876d63", }, { category: "external", summary: "https://git.kernel.org/stable/c/95084632a65d5c0d682a83b55935560bdcd2a1e3", url: "https://git.kernel.org/stable/c/95084632a65d5c0d682a83b55935560bdcd2a1e3", }, { category: "external", summary: "https://git.kernel.org/stable/c/b6dcba02ee178282e0d28684d241e0b8462dea6a", url: "https://git.kernel.org/stable/c/b6dcba02ee178282e0d28684d241e0b8462dea6a", }, ], release_date: "2024-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: use-after-free in kv_parse_power_table", }, { cve: "CVE-2023-52471", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-02-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2266347", }, ], notes: [ { category: "description", text: "A null pointer dereference problem was found in ice_ptp.c in ice in the Linux Kernel. This issue occurs when devm_kasprintf() returns a pointer to dynamically allocated memory, which can be NULL upon failure.", title: "Vulnerability description", }, { category: "summary", text: "kernel: null pointer dereference issues in ice_ptp.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52471", }, { category: "external", summary: "RHBZ#2266347", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2266347", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52471", url: "https://www.cve.org/CVERecord?id=CVE-2023-52471", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52471", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52471", }, { category: "external", summary: "https://git.kernel.org/stable/c/3027e7b15b02d2d37e3f82d6b8404f6d37e3b8cf", url: "https://git.kernel.org/stable/c/3027e7b15b02d2d37e3f82d6b8404f6d37e3b8cf", }, { category: "external", summary: "https://git.kernel.org/stable/c/3cd9b9bee33f39f6c6d52360fe381b89a7b12695", url: "https://git.kernel.org/stable/c/3cd9b9bee33f39f6c6d52360fe381b89a7b12695", }, ], release_date: "2024-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 2.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: null pointer dereference issues in ice_ptp.c", }, { cve: "CVE-2023-52486", cwe: { id: "CWE-833", name: "Deadlock", }, discovery_date: "2024-02-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2269070", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel. A frame buffer can be freed while still in use in a specific situation in drivers/gpu/drm/drm_plane.c. This issue may compromise the availability.", title: "Vulnerability description", }, { category: "summary", text: "kernel: drm: Don't unref the same fb many times by mistake due to deadlock handling", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52486", }, { category: "external", summary: "RHBZ#2269070", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2269070", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52486", url: "https://www.cve.org/CVERecord?id=CVE-2023-52486", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52486", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52486", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-27-lee@kernel.org/T/#u", url: "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-27-lee@kernel.org/T/#u", }, ], release_date: "2024-02-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: drm: Don't unref the same fb many times by mistake due to deadlock handling", }, { cve: "CVE-2023-52530", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-03-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2267787", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the Linux kernel’s IEEE 802.11 networking stack implementation functionality, used by Wifi, in how a user triggers the error path of the ieee80211_gtk_rekey_add function. This flaw allows a local user to crash the system.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: mac80211: fix potential key use-after-free", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 9 is not affected by this vulnerability.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52530", }, { category: "external", summary: "RHBZ#2267787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267787", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52530", url: "https://www.cve.org/CVERecord?id=CVE-2023-52530", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52530", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52530", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024030255-CVE-2023-52530-ebf0@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024030255-CVE-2023-52530-ebf0@gregkh/T/#u", }, ], release_date: "2024-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: mac80211: fix potential key use-after-free", }, { cve: "CVE-2023-52619", cwe: { id: "CWE-99", name: "Improper Control of Resource Identifiers ('Resource Injection')", }, discovery_date: "2024-03-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2270084", }, ], notes: [ { category: "description", text: "A vulnerability was found in the pstore/ram component of the Linux kernel, which caused crashes when the number of CPU cores was set to an odd number. This issue occurs because the odd-numbered zones became misaligned. This flaw allows a local, authenticated attacker to cause a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: pstore/ram: Fix crash when setting number of cpus to an odd number", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52619", }, { category: "external", summary: "RHBZ#2270084", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270084", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52619", url: "https://www.cve.org/CVERecord?id=CVE-2023-52619", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52619", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52619", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/20240318102117.2839904-9-lee@kernel.org/T", url: "https://lore.kernel.org/linux-cve-announce/20240318102117.2839904-9-lee@kernel.org/T", }, ], release_date: "2024-03-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: pstore/ram: Fix crash when setting number of cpus to an odd number", }, { cve: "CVE-2023-52622", cwe: { id: "CWE-131", name: "Incorrect Calculation of Buffer Size", }, discovery_date: "2024-03-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2271688", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid online resizing failures due to oversized flex bg\n\nWhen we online resize an ext4 filesystem with a oversized flexbg_size,\n\n mkfs.ext4 -F -G 67108864 $dev -b 4096 100M\n mount $dev $dir\n resize2fs $dev 16G\n\nthe following WARN_ON is triggered:\n==================================================================\nWARNING: CPU: 0 PID: 427 at mm/page_alloc.c:4402 __alloc_pages+0x411/0x550\nModules linked in: sg(E)\nCPU: 0 PID: 427 Comm: resize2fs Tainted: G E 6.6.0-rc5+ #314\nRIP: 0010:__alloc_pages+0x411/0x550\nCall Trace:\n <TASK>\n __kmalloc_large_node+0xa2/0x200\n __kmalloc+0x16e/0x290\n ext4_resize_fs+0x481/0xd80\n __ext4_ioctl+0x1616/0x1d90\n ext4_ioctl+0x12/0x20\n __x64_sys_ioctl+0xf0/0x150\n do_syscall_64+0x3b/0x90\n==================================================================\n\nThis is because flexbg_size is too large and the size of the new_group_data\narray to be allocated exceeds MAX_ORDER. Currently, the minimum value of\nMAX_ORDER is 8, the minimum value of PAGE_SIZE is 4096, the corresponding\nmaximum number of groups that can be allocated is:\n\n (PAGE_SIZE << MAX_ORDER) / sizeof(struct ext4_new_group_data) ≈ 21845\n\nAnd the value that is down-aligned to the power of 2 is 16384. Therefore,\nthis value is defined as MAX_RESIZE_BG, and the number of groups added\neach time does not exceed this value during resizing, and is added multiple\ntimes to complete the online resizing. The difference is that the metadata\nin a flex_bg may be more dispersed.", title: "Vulnerability description", }, { category: "summary", text: "kernel: ext4: avoid online resizing failures due to oversized flex bg", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52622", }, { category: "external", summary: "RHBZ#2271688", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2271688", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52622", url: "https://www.cve.org/CVERecord?id=CVE-2023-52622", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52622", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52622", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/20240326171931.1354035-5-lee@kernel.org/T", url: "https://lore.kernel.org/linux-cve-announce/20240326171931.1354035-5-lee@kernel.org/T", }, ], release_date: "2024-03-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: ext4: avoid online resizing failures due to oversized flex bg", }, { cve: "CVE-2023-52623", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, discovery_date: "2024-03-26T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2271686", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix a suspicious RCU usage warning\n\nI received the following warning while running cthon against an ontap\nserver running pNFS:\n\n[ 57.202521] =============================\n[ 57.202522] WARNING: suspicious RCU usage\n[ 57.202523] 6.7.0-rc3-g2cc14f52aeb7 #41492 Not tainted\n[ 57.202525] -----------------------------\n[ 57.202525] net/sunrpc/xprtmultipath.c:349 RCU-list traversed in non-reader section!!\n[ 57.202527]\n other info that might help us debug this:\n\n[ 57.202528]\n rcu_scheduler_active = 2, debug_locks = 1\n[ 57.202529] no locks held by test5/3567.\n[ 57.202530]\n stack backtrace:\n[ 57.202532] CPU: 0 PID: 3567 Comm: test5 Not tainted 6.7.0-rc3-g2cc14f52aeb7 #41492 5b09971b4965c0aceba19f3eea324a4a806e227e\n[ 57.202534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 2/2/2022\n[ 57.202536] Call Trace:\n[ 57.202537] <TASK>\n[ 57.202540] dump_stack_lvl+0x77/0xb0\n[ 57.202551] lockdep_rcu_suspicious+0x154/0x1a0\n[ 57.202556] rpc_xprt_switch_has_addr+0x17c/0x190 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6]\n[ 57.202596] rpc_clnt_setup_test_and_add_xprt+0x50/0x180 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6]\n[ 57.202621] ? rpc_clnt_add_xprt+0x254/0x300 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6]\n[ 57.202646] rpc_clnt_add_xprt+0x27a/0x300 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6]\n[ 57.202671] ? __pfx_rpc_clnt_setup_test_and_add_xprt+0x10/0x10 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6]\n[ 57.202696] nfs4_pnfs_ds_connect+0x345/0x760 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9]\n[ 57.202728] ? __pfx_nfs4_test_session_trunk+0x10/0x10 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9]\n[ 57.202754] nfs4_fl_prepare_ds+0x75/0xc0 [nfs_layout_nfsv41_files e3a4187f18ae8a27b630f9feae6831b584a9360a]\n[ 57.202760] filelayout_write_pagelist+0x4a/0x200 [nfs_layout_nfsv41_files e3a4187f18ae8a27b630f9feae6831b584a9360a]\n[ 57.202765] pnfs_generic_pg_writepages+0xbe/0x230 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9]\n[ 57.202788] __nfs_pageio_add_request+0x3fd/0x520 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202813] nfs_pageio_add_request+0x18b/0x390 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202831] nfs_do_writepage+0x116/0x1e0 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202849] nfs_writepages_callback+0x13/0x30 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202866] write_cache_pages+0x265/0x450\n[ 57.202870] ? __pfx_nfs_writepages_callback+0x10/0x10 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202891] nfs_writepages+0x141/0x230 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202913] do_writepages+0xd2/0x230\n[ 57.202917] ? filemap_fdatawrite_wbc+0x5c/0x80\n[ 57.202921] filemap_fdatawrite_wbc+0x67/0x80\n[ 57.202924] filemap_write_and_wait_range+0xd9/0x170\n[ 57.202930] nfs_wb_all+0x49/0x180 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202947] nfs4_file_flush+0x72/0xb0 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9]\n[ 57.202969] __se_sys_close+0x46/0xd0\n[ 57.202972] do_syscall_64+0x68/0x100\n[ 57.202975] ? do_syscall_64+0x77/0x100\n[ 57.202976] ? do_syscall_64+0x77/0x100\n[ 57.202979] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n[ 57.202982] RIP: 0033:0x7fe2b12e4a94\n[ 57.202985] Code: 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 80 3d d5 18 0e 00 00 74 13 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 44 c3 0f 1f 00 48 83 ec 18 89 7c 24 0c e8 c3\n[ 57.202987] RSP: 002b:00007ffe857ddb38 EFLAGS: 00000202 ORIG_RAX: 0000000000000003\n[ 57.202989] RAX: ffffffffffffffda RBX: 00007ffe857dfd68 RCX: 00007fe2b12e4a94\n[ 57.202991] RDX: 0000000000002000 RSI: 00007ffe857ddc40 RDI: 0000000000000003\n[ 57.202992] RBP: 00007ffe857dfc50 R08: 7fffffffffffffff R09: 0000000065650f49\n[ 57.202993] R10: 00007f\n---truncated---", title: "Vulnerability description", }, { category: "summary", text: "kernel: SUNRPC: Fix a suspicious RCU usage warning", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52623", }, { category: "external", summary: "RHBZ#2271686", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2271686", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52623", url: "https://www.cve.org/CVERecord?id=CVE-2023-52623", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52623", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52623", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/20240326171931.1354035-6-lee@kernel.org/T", url: "https://lore.kernel.org/linux-cve-announce/20240326171931.1354035-6-lee@kernel.org/T", }, ], release_date: "2024-03-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: SUNRPC: Fix a suspicious RCU usage warning", }, { cve: "CVE-2023-52648", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278539", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Unmap the surface before resetting it on a plane state\n\nSwitch to a new plane state requires unreferencing of all held surfaces.\nIn the work required for mob cursors the mapped surfaces started being\ncached but the variable indicating whether the surface is currently\nmapped was not being reset. This leads to crashes as the duplicated\nstate, incorrectly, indicates the that surface is mapped even when\nno surface is present. That's because after unreferencing the surface\nit's perfectly possible for the plane to be backed by a bo instead of a\nsurface.\n\nReset the surface mapped flag when unreferencing the plane state surface\nto fix null derefs in cleanup. Fixes crashes in KDE KWin 6.0 on Wayland:\n\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 4 PID: 2533 Comm: kwin_wayland Not tainted 6.7.0-rc3-vmwgfx #2\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nRIP: 0010:vmw_du_cursor_plane_cleanup_fb+0x124/0x140 [vmwgfx]\nCode: 00 00 00 75 3a 48 83 c4 10 5b 5d c3 cc cc cc cc 48 8b b3 a8 00 00 00 48 c7 c7 99 90 43 c0 e8 93 c5 db ca 48 8b 83 a8 00 00 00 <48> 8b 78 28 e8 e3 f>\nRSP: 0018:ffffb6b98216fa80 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff969d84cdcb00 RCX: 0000000000000027\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff969e75f21600\nRBP: ffff969d4143dc50 R08: 0000000000000000 R09: ffffb6b98216f920\nR10: 0000000000000003 R11: ffff969e7feb3b10 R12: 0000000000000000\nR13: 0000000000000000 R14: 000000000000027b R15: ffff969d49c9fc00\nFS: 00007f1e8f1b4180(0000) GS:ffff969e75f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000028 CR3: 0000000104006004 CR4: 00000000003706f0\nCall Trace:\n <TASK>\n ? __die+0x23/0x70\n ? page_fault_oops+0x171/0x4e0\n ? exc_page_fault+0x7f/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? vmw_du_cursor_plane_cleanup_fb+0x124/0x140 [vmwgfx]\n drm_atomic_helper_cleanup_planes+0x9b/0xc0\n commit_tail+0xd1/0x130\n drm_atomic_helper_commit+0x11a/0x140\n drm_atomic_commit+0x97/0xd0\n ? __pfx___drm_printfn_info+0x10/0x10\n drm_atomic_helper_update_plane+0xf5/0x160\n drm_mode_cursor_universal+0x10e/0x270\n drm_mode_cursor_common+0x102/0x230\n ? __pfx_drm_mode_cursor2_ioctl+0x10/0x10\n drm_ioctl_kernel+0xb2/0x110\n drm_ioctl+0x26d/0x4b0\n ? __pfx_drm_mode_cursor2_ioctl+0x10/0x10\n ? __pfx_drm_ioctl+0x10/0x10\n vmw_generic_ioctl+0xa4/0x110 [vmwgfx]\n __x64_sys_ioctl+0x94/0xd0\n do_syscall_64+0x61/0xe0\n ? __x64_sys_ioctl+0xaf/0xd0\n ? syscall_exit_to_user_mode+0x2b/0x40\n ? do_syscall_64+0x70/0xe0\n ? __x64_sys_ioctl+0xaf/0xd0\n ? syscall_exit_to_user_mode+0x2b/0x40\n ? do_syscall_64+0x70/0xe0\n ? exc_page_fault+0x7f/0x180\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\nRIP: 0033:0x7f1e93f279ed\nCode: 04 25 28 00 00 00 48 89 45 c8 31 c0 48 8d 45 10 c7 45 b0 10 00 00 00 48 89 45 b8 48 8d 45 d0 48 89 45 c0 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff f>\nRSP: 002b:00007ffca0faf600 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000055db876ed2c0 RCX: 00007f1e93f279ed\nRDX: 00007ffca0faf6c0 RSI: 00000000c02464bb RDI: 0000000000000015\nRBP: 00007ffca0faf650 R08: 000055db87184010 R09: 0000000000000007\nR10: 000055db886471a0 R11: 0000000000000246 R12: 00007ffca0faf6c0\nR13: 00000000c02464bb R14: 0000000000000015 R15: 00007ffca0faf790\n </TASK>\nModules linked in: snd_seq_dummy snd_hrtimer nf_conntrack_netbios_ns nf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_ine>\nCR2: 0000000000000028\n---[ end trace 0000000000000000 ]---\nRIP: 0010:vmw_du_cursor_plane_cleanup_fb+0x124/0x140 [vmwgfx]\nCode: 00 00 00 75 3a 48 83 c4 10 5b 5d c3 cc cc cc cc 48 8b b3 a8 00 00 00 48 c7 c7 99 90 43 c0 e8 93 c5 db ca 48 8b 83 a8 00 00 00 <48> 8b 78 28 e8 e3 f>\nRSP: 0018:ffffb6b98216fa80 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff969d84cdcb00 RCX: 0000000000000027\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff969e75f21600\nRBP: ffff969d4143\n---truncated---", title: "Vulnerability description", }, { category: "summary", text: "kernel: drm/vmwgfx: Unmap the surface before resetting it on a plane state", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52648", }, { category: "external", summary: "RHBZ#2278539", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278539", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52648", url: "https://www.cve.org/CVERecord?id=CVE-2023-52648", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52648", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52648", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050122-CVE-2023-52648-4e0d@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050122-CVE-2023-52648-4e0d@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: drm/vmwgfx: Unmap the surface before resetting it on a plane state", }, { cve: "CVE-2023-52653", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278515", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix a memleak in gss_import_v2_context\n\nThe ctx->mech_used.data allocated by kmemdup is not freed in neither\ngss_import_v2_context nor it only caller gss_krb5_import_sec_context,\nwhich frees ctx on error.\n\nThus, this patch reform the last call of gss_import_v2_context to the\ngss_krb5_import_ctx_v2, preventing the memleak while keepping the return\nformation.", title: "Vulnerability description", }, { category: "summary", text: "kernel: SUNRPC: fix a memleak in gss_import_v2_context", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52653", }, { category: "external", summary: "RHBZ#2278515", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278515", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52653", url: "https://www.cve.org/CVERecord?id=CVE-2023-52653", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52653", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52653", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050131-CVE-2023-52653-a5c2@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050131-CVE-2023-52653-a5c2@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: SUNRPC: fix a memleak in gss_import_v2_context", }, { cve: "CVE-2023-52658", discovery_date: "2024-05-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281149", }, ], notes: [ { category: "description", text: "CVE-2023-52658 is a vulnerability in the Linux kernel's Mellanox MLX5 driver, specifically related to the switchdev mode. A previous commit intended to block entering switchdev mode due to namespace inconsistencies inadvertently caused system crashes. To address this, the problematic commit was reverted, restoring stability. Users should update their Linux kernel to a version that includes this reversion to ensure reliable operation.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency"", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52658", }, { category: "external", summary: "RHBZ#2281149", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281149", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52658", url: "https://www.cve.org/CVERecord?id=CVE-2023-52658", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52658", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52658", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051717-CVE-2023-52658-4c61@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051717-CVE-2023-52658-4c61@gregkh/T", }, ], release_date: "2024-05-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency"", }, { cve: "CVE-2023-52662", discovery_date: "2024-05-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281360", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node\n\nWhen ida_alloc_max fails, resources allocated before should be freed,\nincluding *res allocated by kmalloc and ttm_resource_init.", title: "Vulnerability description", }, { category: "summary", text: "kernel: drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52662", }, { category: "external", summary: "RHBZ#2281360", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281360", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52662", url: "https://www.cve.org/CVERecord?id=CVE-2023-52662", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52662", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52662", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051740-CVE-2023-52662-1536@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051740-CVE-2023-52662-1536@gregkh/T", }, ], release_date: "2024-05-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node", }, { cve: "CVE-2023-52679", discovery_date: "2024-05-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281326", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nof: Fix double free in of_parse_phandle_with_args_map\n\nIn of_parse_phandle_with_args_map() the inner loop that\niterates through the map entries calls of_node_put(new)\nto free the reference acquired by the previous iteration\nof the inner loop. This assumes that the value of \"new\" is\nNULL on the first iteration of the inner loop.\n\nMake sure that this is true in all iterations of the outer\nloop by setting \"new\" to NULL after its value is assigned to \"cur\".\n\nExtend the unittest to detect the double free and add an additional\ntest case that actually triggers this path.", title: "Vulnerability description", }, { category: "summary", text: "kernel: of: Fix double free in of_parse_phandle_with_args_map", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52679", }, { category: "external", summary: "RHBZ#2281326", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281326", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52679", url: "https://www.cve.org/CVERecord?id=CVE-2023-52679", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52679", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52679", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051750-CVE-2023-52679-948f@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051750-CVE-2023-52679-948f@gregkh/T", }, ], release_date: "2024-05-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: of: Fix double free in of_parse_phandle_with_args_map", }, { cve: "CVE-2023-52707", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282615", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/psi: Fix use-after-free in ep_remove_wait_queue()\n\nIf a non-root cgroup gets removed when there is a thread that registered\ntrigger and is polling on a pressure file within the cgroup, the polling\nwaitqueue gets freed in the following path:\n\n do_rmdir\n cgroup_rmdir\n kernfs_drain_open_files\n cgroup_file_release\n cgroup_pressure_release\n psi_trigger_destroy\n\nHowever, the polling thread still has a reference to the pressure file and\nwill access the freed waitqueue when the file is closed or upon exit:\n\n fput\n ep_eventpoll_release\n ep_free\n ep_remove_wait_queue\n remove_wait_queue\n\nThis results in use-after-free as pasted below.\n\nThe fundamental problem here is that cgroup_file_release() (and\nconsequently waitqueue's lifetime) is not tied to the file's real lifetime.\nUsing wake_up_pollfree() here might be less than ideal, but it is in line\nwith the comment at commit 42288cb44c4b (\"wait: add wake_up_pollfree()\")\nsince the waitqueue's lifetime is not tied to file's one and can be\nconsidered as another special case. While this would be fixable by somehow\nmaking cgroup_file_release() be tied to the fput(), it would require\nsizable refactoring at cgroups or higher layer which might be more\njustifiable if we identify more cases like this.\n\n BUG: KASAN: use-after-free in _raw_spin_lock_irqsave+0x60/0xc0\n Write of size 4 at addr ffff88810e625328 by task a.out/4404\n\n\tCPU: 19 PID: 4404 Comm: a.out Not tainted 6.2.0-rc6 #38\n\tHardware name: Amazon EC2 c5a.8xlarge/, BIOS 1.0 10/16/2017\n\tCall Trace:\n\t<TASK>\n\tdump_stack_lvl+0x73/0xa0\n\tprint_report+0x16c/0x4e0\n\tkasan_report+0xc3/0xf0\n\tkasan_check_range+0x2d2/0x310\n\t_raw_spin_lock_irqsave+0x60/0xc0\n\tremove_wait_queue+0x1a/0xa0\n\tep_free+0x12c/0x170\n\tep_eventpoll_release+0x26/0x30\n\t__fput+0x202/0x400\n\ttask_work_run+0x11d/0x170\n\tdo_exit+0x495/0x1130\n\tdo_group_exit+0x100/0x100\n\tget_signal+0xd67/0xde0\n\tarch_do_signal_or_restart+0x2a/0x2b0\n\texit_to_user_mode_prepare+0x94/0x100\n\tsyscall_exit_to_user_mode+0x20/0x40\n\tdo_syscall_64+0x52/0x90\n\tentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\t</TASK>\n\n Allocated by task 4404:\n\n\tkasan_set_track+0x3d/0x60\n\t__kasan_kmalloc+0x85/0x90\n\tpsi_trigger_create+0x113/0x3e0\n\tpressure_write+0x146/0x2e0\n\tcgroup_file_write+0x11c/0x250\n\tkernfs_fop_write_iter+0x186/0x220\n\tvfs_write+0x3d8/0x5c0\n\tksys_write+0x90/0x110\n\tdo_syscall_64+0x43/0x90\n\tentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\n Freed by task 4407:\n\n\tkasan_set_track+0x3d/0x60\n\tkasan_save_free_info+0x27/0x40\n\t____kasan_slab_free+0x11d/0x170\n\tslab_free_freelist_hook+0x87/0x150\n\t__kmem_cache_free+0xcb/0x180\n\tpsi_trigger_destroy+0x2e8/0x310\n\tcgroup_file_release+0x4f/0xb0\n\tkernfs_drain_open_files+0x165/0x1f0\n\tkernfs_drain+0x162/0x1a0\n\t__kernfs_remove+0x1fb/0x310\n\tkernfs_remove_by_name_ns+0x95/0xe0\n\tcgroup_addrm_files+0x67f/0x700\n\tcgroup_destroy_locked+0x283/0x3c0\n\tcgroup_rmdir+0x29/0x100\n\tkernfs_iop_rmdir+0xd1/0x140\n\tvfs_rmdir+0xfe/0x240\n\tdo_rmdir+0x13d/0x280\n\t__x64_sys_rmdir+0x2c/0x30\n\tdo_syscall_64+0x43/0x90\n\tentry_SYSCALL_64_after_hwframe+0x63/0xcd", title: "Vulnerability description", }, { category: "summary", text: "kernel: sched/psi: Fix use-after-free in ep_remove_wait_queue()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52707", }, { category: "external", summary: "RHBZ#2282615", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282615", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52707", url: "https://www.cve.org/CVERecord?id=CVE-2023-52707", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52707", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52707", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52707-e048@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52707-e048@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: sched/psi: Fix use-after-free in ep_remove_wait_queue()", }, { cve: "CVE-2023-52730", cwe: { id: "CWE-402", name: "Transmission of Private Resources into a New Sphere ('Resource Leak')", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282640", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdio: fix possible resource leaks in some error paths\n\nIf sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can\nnot release the resources, because the sdio function is not presented\nin these two cases, it won't call of_node_put() or put_device().\n\nTo fix these leaks, make sdio_func_present() only control whether\ndevice_del() needs to be called or not, then always call of_node_put()\nand put_device().\n\nIn error case in sdio_init_func(), the reference of 'card->dev' is\nnot get, to avoid redundant put in sdio_free_func_cis(), move the\nget_device() to sdio_alloc_func() and put_device() to sdio_release_func(),\nit can keep the get/put function be balanced.\n\nWithout this patch, while doing fault inject test, it can get the\nfollowing leak reports, after this fix, the leak is gone.\n\nunreferenced object 0xffff888112514000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741614 (age 124.774s)\n hex dump (first 32 bytes):\n 00 e0 6f 12 81 88 ff ff 60 58 8d 06 81 88 ff ff ..o.....`X......\n 10 40 51 12 81 88 ff ff 10 40 51 12 81 88 ff ff .@Q......@Q.....\n backtrace:\n [<000000009e5931da>] kmalloc_trace+0x21/0x110\n [<000000002f839ccb>] mmc_alloc_card+0x38/0xb0 [mmc_core]\n [<0000000004adcbf6>] mmc_sdio_init_card+0xde/0x170 [mmc_core]\n [<000000007538fea0>] mmc_attach_sdio+0xcb/0x1b0 [mmc_core]\n [<00000000d4fdeba7>] mmc_rescan+0x54a/0x640 [mmc_core]\n\nunreferenced object 0xffff888112511000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741623 (age 124.766s)\n hex dump (first 32 bytes):\n 00 40 51 12 81 88 ff ff e0 58 8d 06 81 88 ff ff .@Q......X......\n 10 10 51 12 81 88 ff ff 10 10 51 12 81 88 ff ff ..Q.......Q.....\n backtrace:\n [<000000009e5931da>] kmalloc_trace+0x21/0x110\n [<00000000fcbe706c>] sdio_alloc_func+0x35/0x100 [mmc_core]\n [<00000000c68f4b50>] mmc_attach_sdio.cold.18+0xb1/0x395 [mmc_core]\n [<00000000d4fdeba7>] mmc_rescan+0x54a/0x640 [mmc_core]", title: "Vulnerability description", }, { category: "summary", text: "kernel: mmc: sdio: fix possible resource leaks in some error paths", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52730", }, { category: "external", summary: "RHBZ#2282640", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282640", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52730", url: "https://www.cve.org/CVERecord?id=CVE-2023-52730", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52730", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52730", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52730-1c8f@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52730-1c8f@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: mmc: sdio: fix possible resource leaks in some error paths", }, { cve: "CVE-2023-52756", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282742", }, ], notes: [ { category: "description", text: "[REJECTED CVE] A double shift vulnerability was identified in the Linux kernel's pwm subsystem. The issue involves passing a shifted value instead of a bit number to set/test_bit() functions, resulting in a double shift (e.g., BIT(BIT(1))). While this doesn't cause problems for values 0 or 1, values of 5 or higher could lead to a buffer overflow, potentially allowing attackers to cause a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: pwm: Fix double shift bug", title: "Vulnerability summary", }, { category: "other", text: "This CVE has been rejected upstream: https://lore.kernel.org/linux-cve-announce/2024060850-REJECTED-39c1@gregkh/", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52756", }, { category: "external", summary: "RHBZ#2282742", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282742", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52756", url: "https://www.cve.org/CVERecord?id=CVE-2023-52756", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52756", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52756", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2023-52756-f694@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2023-52756-f694@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: pwm: Fix double shift bug", }, { cve: "CVE-2023-52762", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282623", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-blk: fix implicit overflow on virtio_max_dma_size\n\nThe following codes have an implicit conversion from size_t to u32:\n(u32)max_size = (size_t)virtio_max_dma_size(vdev);\n\nThis may lead overflow, Ex (size_t)4G -> (u32)0. Once\nvirtio_max_dma_size() has a larger size than U32_MAX, use U32_MAX\ninstead.", title: "Vulnerability description", }, { category: "summary", text: "kernel: virtio-blk: fix implicit overflow on virtio_max_dma_size", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52762", }, { category: "external", summary: "RHBZ#2282623", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282623", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52762", url: "https://www.cve.org/CVERecord?id=CVE-2023-52762", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52762", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52762", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052147-CVE-2023-52762-fe90@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052147-CVE-2023-52762-fe90@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: virtio-blk: fix implicit overflow on virtio_max_dma_size", }, { cve: "CVE-2023-52764", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282780", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: gspca: cpia1: shift-out-of-bounds in set_flicker\n\nSyzkaller reported the following issue:\nUBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27\nshift exponent 245 is too large for 32-bit type 'int'\n\nWhen the value of the variable \"sd->params.exposure.gain\" exceeds the\nnumber of bits in an integer, a shift-out-of-bounds error is reported. It\nis triggered because the variable \"currentexp\" cannot be left-shifted by\nmore than the number of bits in an integer. In order to avoid invalid\nrange during left-shift, the conditional expression is added.", title: "Vulnerability description", }, { category: "summary", text: "kernel: media: gspca: cpia1: shift-out-of-bounds in set_flicker", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52764", }, { category: "external", summary: "RHBZ#2282780", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282780", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52764", url: "https://www.cve.org/CVERecord?id=CVE-2023-52764", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52764", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52764", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052148-CVE-2023-52764-fa3b@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052148-CVE-2023-52764-fa3b@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: media: gspca: cpia1: shift-out-of-bounds in set_flicker", }, { cve: "CVE-2023-52777", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282642", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix gtk offload status event locking\n\nThe ath11k active pdevs are protected by RCU but the gtk offload status\nevent handling code calling ath11k_mac_get_arvif_by_vdev_id() was not\nmarked as a read-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: ath11k: fix gtk offload status event locking", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52777", }, { category: "external", summary: "RHBZ#2282642", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282642", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52777", url: "https://www.cve.org/CVERecord?id=CVE-2023-52777", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52777", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52777", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2023-52777-2f32@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2023-52777-2f32@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: wifi: ath11k: fix gtk offload status event locking", }, { cve: "CVE-2023-52784", cwe: { id: "CWE-99", name: "Improper Control of Resource Identifiers ('Resource Injection')", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282772", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: stop the device in bond_setup_by_slave()\n\nCommit 9eed321cde22 (\"net: lapbether: only support ethernet devices\")\nhas been able to keep syzbot away from net/lapb, until today.\n\nIn the following splat [1], the issue is that a lapbether device has\nbeen created on a bonding device without members. Then adding a non\nARPHRD_ETHER member forced the bonding master to change its type.\n\nThe fix is to make sure we call dev_close() in bond_setup_by_slave()\nso that the potential linked lapbether devices (or any other devices\nhaving assumptions on the physical device) are removed.\n\nA similar bug has been addressed in commit 40baec225765\n(\"bonding: fix panic on non-ARPHRD_ETHER enslave failure\")\n\n[1]\nskbuff: skb_under_panic: text:ffff800089508810 len:44 put:40 head:ffff0000c78e7c00 data:ffff0000c78e7bea tail:0x16 end:0x140 dev:bond0\nkernel BUG at net/core/skbuff.c:192 !\nInternal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\nModules linked in:\nCPU: 0 PID: 6007 Comm: syz-executor383 Not tainted 6.6.0-rc3-syzkaller-gbf6547d8715b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : skb_panic net/core/skbuff.c:188 [inline]\npc : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nlr : skb_panic net/core/skbuff.c:188 [inline]\nlr : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nsp : ffff800096a06aa0\nx29: ffff800096a06ab0 x28: ffff800096a06ba0 x27: dfff800000000000\nx26: ffff0000ce9b9b50 x25: 0000000000000016 x24: ffff0000c78e7bea\nx23: ffff0000c78e7c00 x22: 000000000000002c x21: 0000000000000140\nx20: 0000000000000028 x19: ffff800089508810 x18: ffff800096a06100\nx17: 0000000000000000 x16: ffff80008a629a3c x15: 0000000000000001\nx14: 1fffe00036837a32 x13: 0000000000000000 x12: 0000000000000000\nx11: 0000000000000201 x10: 0000000000000000 x9 : cb50b496c519aa00\nx8 : cb50b496c519aa00 x7 : 0000000000000001 x6 : 0000000000000001\nx5 : ffff800096a063b8 x4 : ffff80008e280f80 x3 : ffff8000805ad11c\nx2 : 0000000000000001 x1 : 0000000100000201 x0 : 0000000000000086\nCall trace:\nskb_panic net/core/skbuff.c:188 [inline]\nskb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nskb_push+0xf0/0x108 net/core/skbuff.c:2446\nip6gre_header+0xbc/0x738 net/ipv6/ip6_gre.c:1384\ndev_hard_header include/linux/netdevice.h:3136 [inline]\nlapbeth_data_transmit+0x1c4/0x298 drivers/net/wan/lapbether.c:257\nlapb_data_transmit+0x8c/0xb0 net/lapb/lapb_iface.c:447\nlapb_transmit_buffer+0x178/0x204 net/lapb/lapb_out.c:149\nlapb_send_control+0x220/0x320 net/lapb/lapb_subr.c:251\n__lapb_disconnect_request+0x9c/0x17c net/lapb/lapb_iface.c:326\nlapb_device_event+0x288/0x4e0 net/lapb/lapb_iface.c:492\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nlapbeth_device_event+0x2e4/0x958 drivers/net/wan/lapbether.c:466\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nbond_enslave+0x2298/0x30cc drivers/net/bonding/bond_main.c:2332\nbond_do_ioctl+0x268/0xc64 drivers/net/bonding/bond_main.c:4539\ndev_ifsioc+0x754/0x9ac\ndev_ioctl+0x4d8/0xd34 net/core/dev_ioctl.c:786\nsock_do_ioctl+0x1d4/0x2d0 net/socket.c:1217\nsock_ioctl+0x4e8/0x834 net/socket.c:1322\nvfs_ioctl fs/ioctl.c:51 [inline]\n__do_\n---truncated---", title: "Vulnerability description", }, { category: "summary", text: "kernel: bonding: stop the device in bond_setup_by_slave()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52784", }, { category: "external", summary: "RHBZ#2282772", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282772", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52784", url: "https://www.cve.org/CVERecord?id=CVE-2023-52784", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52784", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52784", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2023-52784-80ad@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2023-52784-80ad@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: bonding: stop the device in bond_setup_by_slave()", }, { cve: "CVE-2023-52791", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282763", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: core: Run atomic i2c xfer when !preemptible\n\nSince bae1d3a05a8b, i2c transfers are non-atomic if preemption is\ndisabled. However, non-atomic i2c transfers require preemption (e.g. in\nwait_for_completion() while waiting for the DMA).\n\npanic() calls preempt_disable_notrace() before calling\nemergency_restart(). Therefore, if an i2c device is used for the\nrestart, the xfer should be atomic. This avoids warnings like:\n\n[ 12.667612] WARNING: CPU: 1 PID: 1 at kernel/rcu/tree_plugin.h:318 rcu_note_context_switch+0x33c/0x6b0\n[ 12.676926] Voluntary context switch within RCU read-side critical section!\n...\n[ 12.742376] schedule_timeout from wait_for_completion_timeout+0x90/0x114\n[ 12.749179] wait_for_completion_timeout from tegra_i2c_wait_completion+0x40/0x70\n...\n[ 12.994527] atomic_notifier_call_chain from machine_restart+0x34/0x58\n[ 13.001050] machine_restart from panic+0x2a8/0x32c\n\nUse !preemptible() instead, which is basically the same check as\npre-v5.2.", title: "Vulnerability description", }, { category: "summary", text: "kernel: i2c: core: Run atomic i2c xfer when !preemptible", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52791", }, { category: "external", summary: "RHBZ#2282763", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282763", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52791", url: "https://www.cve.org/CVERecord?id=CVE-2023-52791", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52791", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52791", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52791-f2b9@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52791-f2b9@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: i2c: core: Run atomic i2c xfer when !preemptible", }, { cve: "CVE-2023-52796", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282766", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: add ipvlan_route_v6_outbound() helper\n\nInspired by syzbot reports using a stack of multiple ipvlan devices.\n\nReduce stack size needed in ipvlan_process_v6_outbound() by moving\nthe flowi6 struct used for the route lookup in an non inlined\nhelper. ipvlan_route_v6_outbound() needs 120 bytes on the stack,\nimmediately reclaimed.\n\nAlso make sure ipvlan_process_v4_outbound() is not inlined.\n\nWe might also have to lower MAX_NEST_DEV, because only syzbot uses\nsetups with more than four stacked devices.\n\nBUG: TASK stack guard page was hit at ffffc9000e803ff8 (stack is ffffc9000e804000..ffffc9000e808000)\nstack guard page: 0000 [#1] SMP KASAN\nCPU: 0 PID: 13442 Comm: syz-executor.4 Not tainted 6.1.52-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nRIP: 0010:kasan_check_range+0x4/0x2a0 mm/kasan/generic.c:188\nCode: 48 01 c6 48 89 c7 e8 db 4e c1 03 31 c0 5d c3 cc 0f 0b eb 02 0f 0b b8 ea ff ff ff 5d c3 cc 00 00 cc cc 00 00 cc cc 55 48 89 e5 <41> 57 41 56 41 55 41 54 53 b0 01 48 85 f6 0f 84 a4 01 00 00 48 89\nRSP: 0018:ffffc9000e804000 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817e5bf2\nRDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff887c6568\nRBP: ffffc9000e804000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92001d0080c\nR13: dffffc0000000000 R14: ffffffff87e6b100 R15: 0000000000000000\nFS: 00007fd0c55826c0(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000e803ff8 CR3: 0000000170ef7000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n<#DF>\n</#DF>\n<TASK>\n[<ffffffff81f281d1>] __kasan_check_read+0x11/0x20 mm/kasan/shadow.c:31\n[<ffffffff817e5bf2>] instrument_atomic_read include/linux/instrumented.h:72 [inline]\n[<ffffffff817e5bf2>] _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n[<ffffffff817e5bf2>] cpumask_test_cpu include/linux/cpumask.h:506 [inline]\n[<ffffffff817e5bf2>] cpu_online include/linux/cpumask.h:1092 [inline]\n[<ffffffff817e5bf2>] trace_lock_acquire include/trace/events/lock.h:24 [inline]\n[<ffffffff817e5bf2>] lock_acquire+0xe2/0x590 kernel/locking/lockdep.c:5632\n[<ffffffff8563221e>] rcu_lock_acquire+0x2e/0x40 include/linux/rcupdate.h:306\n[<ffffffff8561464d>] rcu_read_lock include/linux/rcupdate.h:747 [inline]\n[<ffffffff8561464d>] ip6_pol_route+0x15d/0x1440 net/ipv6/route.c:2221\n[<ffffffff85618120>] ip6_pol_route_output+0x50/0x80 net/ipv6/route.c:2606\n[<ffffffff856f65b5>] pol_lookup_func include/net/ip6_fib.h:584 [inline]\n[<ffffffff856f65b5>] fib6_rule_lookup+0x265/0x620 net/ipv6/fib6_rules.c:116\n[<ffffffff85618009>] ip6_route_output_flags_noref+0x2d9/0x3a0 net/ipv6/route.c:2638\n[<ffffffff8561821a>] ip6_route_output_flags+0xca/0x340 net/ipv6/route.c:2651\n[<ffffffff838bd5a3>] ip6_route_output include/net/ip6_route.h:100 [inline]\n[<ffffffff838bd5a3>] ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:473 [inline]\n[<ffffffff838bd5a3>] ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:529 [inline]\n[<ffffffff838bd5a3>] ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\n[<ffffffff838bd5a3>] ipvlan_queue_xmit+0xc33/0x1be0 drivers/net/ipvlan/ipvlan_core.c:677\n[<ffffffff838c2909>] ipvlan_start_xmit+0x49/0x100 drivers/net/ipvlan/ipvlan_main.c:229\n[<ffffffff84d03900>] netdev_start_xmit include/linux/netdevice.h:4966 [inline]\n[<ffffffff84d03900>] xmit_one net/core/dev.c:3644 [inline]\n[<ffffffff84d03900>] dev_hard_start_xmit+0x320/0x980 net/core/dev.c:3660\n[<ffffffff84d080e2>] __dev_queue_xmit+0x16b2/0x3370 net/core/dev.c:4324\n[<ffffffff855ce4cd>] dev_queue_xmit include/linux/netdevice.h:3067 [inline]\n[<ffffffff855ce4cd>] neigh_hh_output include/net/neighbour.h:529 [inline]\n[<f\n---truncated---", title: "Vulnerability description", }, { category: "summary", text: "kernel: ipvlan: add ipvlan_route_v6_outbound() helper", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52796", }, { category: "external", summary: "RHBZ#2282766", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282766", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52796", url: "https://www.cve.org/CVERecord?id=CVE-2023-52796", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52796", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52796", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52796-860d@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52796-860d@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: ipvlan: add ipvlan_route_v6_outbound() helper", }, { cve: "CVE-2023-52803", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282727", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix RPC client cleaned up the freed pipefs dentries\n\nRPC client pipefs dentries cleanup is in separated rpc_remove_pipedir()\nworkqueue,which takes care about pipefs superblock locking.\nIn some special scenarios, when kernel frees the pipefs sb of the\ncurrent client and immediately alloctes a new pipefs sb,\nrpc_remove_pipedir function would misjudge the existence of pipefs\nsb which is not the one it used to hold. As a result,\nthe rpc_remove_pipedir would clean the released freed pipefs dentries.\n\nTo fix this issue, rpc_remove_pipedir should check whether the\ncurrent pipefs sb is consistent with the original pipefs sb.\n\nThis error can be catched by KASAN:\n=========================================================\n[ 250.497700] BUG: KASAN: slab-use-after-free in dget_parent+0x195/0x200\n[ 250.498315] Read of size 4 at addr ffff88800a2ab804 by task kworker/0:18/106503\n[ 250.500549] Workqueue: events rpc_free_client_work\n[ 250.501001] Call Trace:\n[ 250.502880] kasan_report+0xb6/0xf0\n[ 250.503209] ? dget_parent+0x195/0x200\n[ 250.503561] dget_parent+0x195/0x200\n[ 250.503897] ? __pfx_rpc_clntdir_depopulate+0x10/0x10\n[ 250.504384] rpc_rmdir_depopulate+0x1b/0x90\n[ 250.504781] rpc_remove_client_dir+0xf5/0x150\n[ 250.505195] rpc_free_client_work+0xe4/0x230\n[ 250.505598] process_one_work+0x8ee/0x13b0\n...\n[ 22.039056] Allocated by task 244:\n[ 22.039390] kasan_save_stack+0x22/0x50\n[ 22.039758] kasan_set_track+0x25/0x30\n[ 22.040109] __kasan_slab_alloc+0x59/0x70\n[ 22.040487] kmem_cache_alloc_lru+0xf0/0x240\n[ 22.040889] __d_alloc+0x31/0x8e0\n[ 22.041207] d_alloc+0x44/0x1f0\n[ 22.041514] __rpc_lookup_create_exclusive+0x11c/0x140\n[ 22.041987] rpc_mkdir_populate.constprop.0+0x5f/0x110\n[ 22.042459] rpc_create_client_dir+0x34/0x150\n[ 22.042874] rpc_setup_pipedir_sb+0x102/0x1c0\n[ 22.043284] rpc_client_register+0x136/0x4e0\n[ 22.043689] rpc_new_client+0x911/0x1020\n[ 22.044057] rpc_create_xprt+0xcb/0x370\n[ 22.044417] rpc_create+0x36b/0x6c0\n...\n[ 22.049524] Freed by task 0:\n[ 22.049803] kasan_save_stack+0x22/0x50\n[ 22.050165] kasan_set_track+0x25/0x30\n[ 22.050520] kasan_save_free_info+0x2b/0x50\n[ 22.050921] __kasan_slab_free+0x10e/0x1a0\n[ 22.051306] kmem_cache_free+0xa5/0x390\n[ 22.051667] rcu_core+0x62c/0x1930\n[ 22.051995] __do_softirq+0x165/0x52a\n[ 22.052347]\n[ 22.052503] Last potentially related work creation:\n[ 22.052952] kasan_save_stack+0x22/0x50\n[ 22.053313] __kasan_record_aux_stack+0x8e/0xa0\n[ 22.053739] __call_rcu_common.constprop.0+0x6b/0x8b0\n[ 22.054209] dentry_free+0xb2/0x140\n[ 22.054540] __dentry_kill+0x3be/0x540\n[ 22.054900] shrink_dentry_list+0x199/0x510\n[ 22.055293] shrink_dcache_parent+0x190/0x240\n[ 22.055703] do_one_tree+0x11/0x40\n[ 22.056028] shrink_dcache_for_umount+0x61/0x140\n[ 22.056461] generic_shutdown_super+0x70/0x590\n[ 22.056879] kill_anon_super+0x3a/0x60\n[ 22.057234] rpc_kill_sb+0x121/0x200", title: "Vulnerability description", }, { category: "summary", text: "kernel: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52803", }, { category: "external", summary: "RHBZ#2282727", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282727", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52803", url: "https://www.cve.org/CVERecord?id=CVE-2023-52803", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52803", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52803", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52803-1f43@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52803-1f43@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries", }, { cve: "CVE-2023-52811", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282743", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ibmvfc: Remove BUG_ON in the case of an empty event pool\n\nIn practice the driver should never send more commands than are allocated\nto a queue's event pool. In the unlikely event that this happens, the code\nasserts a BUG_ON, and in the case that the kernel is not configured to\ncrash on panic returns a junk event pointer from the empty event list\ncausing things to spiral from there. This BUG_ON is a historical artifact\nof the ibmvfc driver first being upstreamed, and it is well known now that\nthe use of BUG_ON is bad practice except in the most unrecoverable\nscenario. There is nothing about this scenario that prevents the driver\nfrom recovering and carrying on.\n\nRemove the BUG_ON in question from ibmvfc_get_event() and return a NULL\npointer in the case of an empty event pool. Update all call sites to\nibmvfc_get_event() to check for a NULL pointer and perfrom the appropriate\nfailure or recovery action.", title: "Vulnerability description", }, { category: "summary", text: "kernel: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52811", }, { category: "external", summary: "RHBZ#2282743", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282743", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52811", url: "https://www.cve.org/CVERecord?id=CVE-2023-52811", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52811", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52811", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52811-2a5f@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52811-2a5f@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool", }, { cve: "CVE-2023-52832", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282645", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don't return unset power in ieee80211_get_tx_power()\n\nWe can get a UBSAN warning if ieee80211_get_tx_power() returns the\nINT_MIN value mac80211 internally uses for \"unset power level\".\n\n UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5\n -2147483648 * 100 cannot be represented in type 'int'\n CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE\n Call Trace:\n dump_stack+0x74/0x92\n ubsan_epilogue+0x9/0x50\n handle_overflow+0x8d/0xd0\n __ubsan_handle_mul_overflow+0xe/0x10\n nl80211_send_iface+0x688/0x6b0 [cfg80211]\n [...]\n cfg80211_register_wdev+0x78/0xb0 [cfg80211]\n cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211]\n [...]\n ieee80211_if_add+0x60e/0x8f0 [mac80211]\n ieee80211_register_hw+0xda5/0x1170 [mac80211]\n\nIn this case, simply return an error instead, to indicate\nthat no data is available.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: mac80211: don't return unset power in ieee80211_get_tx_power()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52832", }, { category: "external", summary: "RHBZ#2282645", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282645", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52832", url: "https://www.cve.org/CVERecord?id=CVE-2023-52832", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52832", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52832", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052108-CVE-2023-52832-b9d9@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052108-CVE-2023-52832-b9d9@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: mac80211: don't return unset power in ieee80211_get_tx_power()", }, { cve: "CVE-2023-52834", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282744", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\natl1c: Work around the DMA RX overflow issue\n\nThis is based on alx driver commit 881d0327db37 (\"net: alx: Work around\nthe DMA RX overflow issue\").\n\nThe alx and atl1c drivers had RX overflow error which was why a custom\nallocator was created to avoid certain addresses. The simpler workaround\nthen created for alx driver, but not for atl1c due to lack of tester.\n\nInstead of using a custom allocator, check the allocated skb address and\nuse skb_reserve() to move away from problematic 0x...fc0 address.\n\nTested on AR8131 on Acer 4540.", title: "Vulnerability description", }, { category: "summary", text: "kernel: atl1c: Work around the DMA RX overflow issue", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52834", }, { category: "external", summary: "RHBZ#2282744", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282744", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52834", url: "https://www.cve.org/CVERecord?id=CVE-2023-52834", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52834", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52834", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052109-CVE-2023-52834-4c46@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052109-CVE-2023-52834-4c46@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: atl1c: Work around the DMA RX overflow issue", }, { cve: "CVE-2023-52845", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282759", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Change nla_policy for bearer-related names to NLA_NUL_STRING\n\nsyzbot reported the following uninit-value access issue [1]:\n\n=====================================================\nBUG: KMSAN: uninit-value in strlen lib/string.c:418 [inline]\nBUG: KMSAN: uninit-value in strstr+0xb8/0x2f0 lib/string.c:756\n strlen lib/string.c:418 [inline]\n strstr+0xb8/0x2f0 lib/string.c:756\n tipc_nl_node_reset_link_stats+0x3ea/0xb50 net/tipc/node.c:2595\n genl_family_rcv_msg_doit net/netlink/genetlink.c:971 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1051 [inline]\n genl_rcv_msg+0x11ec/0x1290 net/netlink/genetlink.c:1066\n netlink_rcv_skb+0x371/0x650 net/netlink/af_netlink.c:2545\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1075\n netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]\n netlink_unicast+0xf47/0x1250 net/netlink/af_netlink.c:1368\n netlink_sendmsg+0x1238/0x13d0 net/netlink/af_netlink.c:1910\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nUninit was created at:\n slab_post_alloc_hook+0x12f/0xb70 mm/slab.h:767\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x577/0xa80 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:559\n __alloc_skb+0x318/0x740 net/core/skbuff.c:650\n alloc_skb include/linux/skbuff.h:1286 [inline]\n netlink_alloc_large_skb net/netlink/af_netlink.c:1214 [inline]\n netlink_sendmsg+0xb34/0x13d0 net/netlink/af_netlink.c:1885\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTIPC bearer-related names including link names must be null-terminated\nstrings. If a link name which is not null-terminated is passed through\nnetlink, strstr() and similar functions can cause buffer overrun. This\ncauses the above issue.\n\nThis patch changes the nla_policy for bearer-related names from NLA_STRING\nto NLA_NUL_STRING. This resolves the issue by ensuring that only\nnull-terminated strings are accepted as bearer-related names.\n\nsyzbot reported similar uninit-value issue related to bearer names [2]. The\nroot cause of this issue is that a non-null-terminated bearer name was\npassed. This patch also resolved this issue.", title: "Vulnerability description", }, { category: "summary", text: "kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52845", }, { category: "external", summary: "RHBZ#2282759", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282759", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52845", url: "https://www.cve.org/CVERecord?id=CVE-2023-52845", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52845", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52845", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052112-CVE-2023-52845-0245@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052112-CVE-2023-52845-0245@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING", }, { cve: "CVE-2023-52847", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282717", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: bttv: fix use after free error due to btv->timeout timer\n\nThere may be some a race condition between timer function\nbttv_irq_timeout and bttv_remove. The timer is setup in\nprobe and there is no timer_delete operation in remove\nfunction. When it hit kfree btv, the function might still be\ninvoked, which will cause use after free bug.\n\nThis bug is found by static analysis, it may be false positive.\n\nFix it by adding del_timer_sync invoking to the remove function.\n\ncpu0 cpu1\n bttv_probe\n ->timer_setup\n ->bttv_set_dma\n ->mod_timer;\nbttv_remove\n ->kfree(btv);\n ->bttv_irq_timeout\n ->USE btv", title: "Vulnerability description", }, { category: "summary", text: "kernel: media: bttv: fix use after free error due to btv->timeout timer", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52847", }, { category: "external", summary: "RHBZ#2282717", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282717", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52847", url: "https://www.cve.org/CVERecord?id=CVE-2023-52847", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52847", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52847", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052113-CVE-2023-52847-a551@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052113-CVE-2023-52847-a551@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: media: bttv: fix use after free error due to btv->timeout timer", }, { cve: "CVE-2023-52864", cwe: { id: "CWE-402", name: "Transmission of Private Resources into a New Sphere ('Resource Leak')", }, discovery_date: "2024-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282719", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: wmi: Fix opening of char device\n\nSince commit fa1f68db6ca7 (\"drivers: misc: pass miscdevice pointer via\nfile private data\"), the miscdevice stores a pointer to itself inside\nfilp->private_data, which means that private_data will not be NULL when\nwmi_char_open() is called. This might cause memory corruption should\nwmi_char_open() be unable to find its driver, something which can\nhappen when the associated WMI device is deleted in wmi_free_devices().\n\nFix the problem by using the miscdevice pointer to retrieve the WMI\ndevice data associated with a char device using container_of(). This\nalso avoids wmi_char_open() picking a wrong WMI device bound to a\ndriver with the same name as the original driver.", title: "Vulnerability description", }, { category: "summary", text: "kernel: platform/x86: wmi: Fix opening of char device", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52864", }, { category: "external", summary: "RHBZ#2282719", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282719", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52864", url: "https://www.cve.org/CVERecord?id=CVE-2023-52864", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52864", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52864", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052118-CVE-2023-52864-15cd@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052118-CVE-2023-52864-15cd@gregkh/T", }, ], release_date: "2024-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: platform/x86: wmi: Fix opening of char device", }, { cve: "CVE-2024-2201", cwe: { id: "CWE-1423", name: "Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution", }, discovery_date: "2023-11-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2268118", }, ], notes: [ { category: "description", text: "A flaw was found in some Intel CPUs where mitigations for the Spectre V2/BHI vulnerability were incomplete. This issue may allow an attacker to read arbitrary memory, compromising system integrity and exposing sensitive information.", title: "Vulnerability description", }, { category: "summary", text: "hw: cpu: intel: Native Branch History Injection (BHI)", title: "Vulnerability summary", }, { category: "other", text: "Red Hat has very limited visibility and control over binary blobs provided by third-party vendors. Red Hat relies heavily on the vendors to provide timely updates and information about included changes for this content and in most cases merely acts as a release vehicle between the third-party vendor and Red Hat customers with no possibility of influencing or even documenting the changes. Unless explicitly stated, the level of insight, oversight, and control Red Hat has does not meet the criteria required (in terms of Red Hat ownership of development processes, QA and documentation) for releasing this content as a RHSA. For more information please contact the binary content vendor.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-2201", }, { category: "external", summary: "RHBZ#2268118", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268118", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-2201", url: "https://www.cve.org/CVERecord?id=CVE-2024-2201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-2201", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-2201", }, { category: "external", summary: "https://download.vusec.net/papers/inspectre_sec24.pdf", url: "https://download.vusec.net/papers/inspectre_sec24.pdf", }, { category: "external", summary: "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html#inpage-nav-8", url: "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html#inpage-nav-8", }, { category: "external", summary: "https://www.openwall.com/lists/oss-security/2024/04/09/15", url: "https://www.openwall.com/lists/oss-security/2024/04/09/15", }, { category: "external", summary: "https://www.vusec.net/projects/native-bhi/", url: "https://www.vusec.net/projects/native-bhi/", }, ], release_date: "2024-04-09T04:30:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "hw: cpu: intel: Native Branch History Injection (BHI)", }, { cve: "CVE-2024-21823", discovery_date: "2024-05-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278989", }, ], notes: [ { category: "description", text: "Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalation of privilege local access", title: "Vulnerability description", }, { category: "summary", text: "kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-21823", }, { category: "external", summary: "RHBZ#2278989", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278989", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-21823", url: "https://www.cve.org/CVERecord?id=CVE-2024-21823", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-21823", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21823", }, ], release_date: "2024-05-14T17:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application", }, { cve: "CVE-2024-25739", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, discovery_date: "2024-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2263879", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel. The create_empty_lvol function in the drivers/mtd/ubi/vtbl.c file can attempt to allocate zero bytes of memory when the LEB size is smaller than a single volume table record. This issue can result in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: crash due to a missing check for leb_size", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-25739", }, { category: "external", summary: "RHBZ#2263879", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2263879", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-25739", url: "https://www.cve.org/CVERecord?id=CVE-2024-25739", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-25739", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-25739", }, ], release_date: "2024-02-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: crash due to a missing check for leb_size", }, { cve: "CVE-2024-26586", discovery_date: "2024-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2265645", }, ], notes: [ { category: "description", text: "A kernel stack flaw that corrupted the Linux kernel’s Mellanox Technologies Spectrum Ethernet driver was found when a user initialized more than 16 access control lists (ACLs). This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Vulnerability description", }, { category: "summary", text: "kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26586", }, { category: "external", summary: "RHBZ#2265645", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265645", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26586", url: "https://www.cve.org/CVERecord?id=CVE-2024-26586", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26586", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26586", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024022253-CVE-2024-26586-6632@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024022253-CVE-2024-26586-6632@gregkh/T/#u", }, ], release_date: "2024-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "To mitigate this issue, prevent the mlxsw_spectrum module from being loaded. Please see https://access.redhat.com/solutions/41278 for information on blacklisting a kernel module to prevent it from loading automatically.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption", }, { cve: "CVE-2024-26614", cwe: { id: "CWE-413", name: "Improper Resource Locking", }, discovery_date: "2024-02-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2269211", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: make sure init the accept_queue's spinlocks once\n\nWhen I run syz's reproduction C program locally, it causes the following\nissue:\npvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0!\nWARNING: CPU: 19 PID: 21160 at __pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nHardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\nRIP: 0010:__pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nCode: 73 56 3a ff 90 c3 cc cc cc cc 8b 05 bb 1f 48 01 85 c0 74 05 c3 cc cc cc cc 8b 17 48 89 fe 48 c7 c7\n30 20 ce 8f e8 ad 56 42 ff <0f> 0b c3 cc cc cc cc 0f 0b 0f 1f 40 00 90 90 90 90 90 90 90 90 90\nRSP: 0018:ffffa8d200604cb8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff9d1ef60e0908\nRDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffff9d1ef60e0900\nRBP: ffff9d181cd5c280 R08: 0000000000000000 R09: 00000000ffff7fff\nR10: ffffa8d200604b68 R11: ffffffff907dcdc8 R12: 0000000000000000\nR13: ffff9d181cd5c660 R14: ffff9d1813a3f330 R15: 0000000000001000\nFS: 00007fa110184640(0000) GS:ffff9d1ef60c0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000000 CR3: 000000011f65e000 CR4: 00000000000006f0\nCall Trace:\n<IRQ>\n _raw_spin_unlock (kernel/locking/spinlock.c:186)\n inet_csk_reqsk_queue_add (net/ipv4/inet_connection_sock.c:1321)\n inet_csk_complete_hashdance (net/ipv4/inet_connection_sock.c:1358)\n tcp_check_req (net/ipv4/tcp_minisocks.c:868)\n tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2260)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205)\n ip_local_deliver_finish (net/ipv4/ip_input.c:234)\n __netif_receive_skb_one_core (net/core/dev.c:5529)\n process_backlog (./include/linux/rcupdate.h:779)\n __napi_poll (net/core/dev.c:6533)\n net_rx_action (net/core/dev.c:6604)\n __do_softirq (./arch/x86/include/asm/jump_label.h:27)\n do_softirq (kernel/softirq.c:454 kernel/softirq.c:441)\n</IRQ>\n<TASK>\n __local_bh_enable_ip (kernel/softirq.c:381)\n __dev_queue_xmit (net/core/dev.c:4374)\n ip_finish_output2 (./include/net/neighbour.h:540 net/ipv4/ip_output.c:235)\n __ip_queue_xmit (net/ipv4/ip_output.c:535)\n __tcp_transmit_skb (net/ipv4/tcp_output.c:1462)\n tcp_rcv_synsent_state_process (net/ipv4/tcp_input.c:6469)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6657)\n tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1929)\n __release_sock (./include/net/sock.h:1121 net/core/sock.c:2968)\n release_sock (net/core/sock.c:3536)\n inet_wait_for_connect (net/ipv4/af_inet.c:609)\n __inet_stream_connect (net/ipv4/af_inet.c:702)\n inet_stream_connect (net/ipv4/af_inet.c:748)\n __sys_connect (./include/linux/file.h:45 net/socket.c:2064)\n __x64_sys_connect (net/socket.c:2073 net/socket.c:2070 net/socket.c:2070)\n do_syscall_64 (arch/x86/entry/common.c:51 arch/x86/entry/common.c:82)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129)\n RIP: 0033:0x7fa10ff05a3d\n Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89\n c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d ab a3 0e 00 f7 d8 64 89 01 48\n RSP: 002b:00007fa110183de8 EFLAGS: 00000202 ORIG_RAX: 000000000000002a\n RAX: ffffffffffffffda RBX: 0000000020000054 RCX: 00007fa10ff05a3d\n RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003\n RBP: 00007fa110183e20 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000202 R12: 00007fa110184640\n R13: 0000000000000000 R14: 00007fa10fe8b060 R15: 00007fff73e23b20\n</TASK>\n\nThe issue triggering process is analyzed as follows:\nThread A Thread B\ntcp_v4_rcv\t//receive ack TCP packet inet_shutdown\n tcp_check_req tcp_disconnect //disconnect sock\n ... tcp_set_state(sk, TCP_CLOSE)\n inet_csk_complete_hashdance ...\n inet_csk_reqsk_queue_add \n---truncated---", title: "Vulnerability description", }, { category: "summary", text: "kernel: tcp: make sure init the accept_queue's spinlocks once", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26614", }, { category: "external", summary: "RHBZ#2269211", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2269211", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26614", url: "https://www.cve.org/CVERecord?id=CVE-2024-26614", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26614", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26614", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-46-lee@kernel.org/T", url: "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-46-lee@kernel.org/T", }, ], release_date: "2024-02-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: tcp: make sure init the accept_queue's spinlocks once", }, { cve: "CVE-2024-26640", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-03-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2270100", }, ], notes: [ { category: "description", text: "A vulnerability was found in Linux Kernel where rx zerocopy feature allowed mapping of pages owned by the filesystem, leading to potential system panic which is caused by the lack of sanity checks to rx zerocopy. A local authenticated attacker could exploit this vulnerability to cause a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: tcp: add sanity checks to rx zerocopy", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26640", }, { category: "external", summary: "RHBZ#2270100", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270100", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26640", url: "https://www.cve.org/CVERecord?id=CVE-2024-26640", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26640", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26640", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/20240318102117.2839904-11-lee@kernel.org/T", url: "https://lore.kernel.org/linux-cve-announce/20240318102117.2839904-11-lee@kernel.org/T", }, ], release_date: "2024-03-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: tcp: add sanity checks to rx zerocopy", }, { cve: "CVE-2024-26660", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2272782", }, ], notes: [ { category: "description", text: "A vulnerability was found in the DRM/AMD/Display module of the Linux Kernel. An out-of-bounds access exists in the 'stream_enc_regs' array within DCN301, while accessing the array with 'eng_id,’ could lead to an out-of-bounds access beyond its four-element size, which can cause a system crash.", title: "Vulnerability description", }, { category: "summary", text: "kernel: drm/amd/display: Implement bounds check for stream encoder creation in DCN301", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26660", }, { category: "external", summary: "RHBZ#2272782", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272782", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26660", url: "https://www.cve.org/CVERecord?id=CVE-2024-26660", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26660", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26660", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040222-CVE-2024-26660-3f40@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040222-CVE-2024-26660-3f40@gregkh/T", }, ], release_date: "2024-04-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: drm/amd/display: Implement bounds check for stream encoder creation in DCN301", }, { cve: "CVE-2024-26669", cwe: { id: "CWE-402", name: "Transmission of Private Resources into a New Sphere ('Resource Leak')", }, discovery_date: "2024-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2272795", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: flower: Fix chain template offload\n\nWhen a qdisc is deleted from a net device the stack instructs the\nunderlying driver to remove its flow offload callback from the\nassociated filter block using the 'FLOW_BLOCK_UNBIND' command. The stack\nthen continues to replay the removal of the filters in the block for\nthis driver by iterating over the chains in the block and invoking the\n'reoffload' operation of the classifier being used. In turn, the\nclassifier in its 'reoffload' operation prepares and emits a\n'FLOW_CLS_DESTROY' command for each filter.\n\nHowever, the stack does not do the same for chain templates and the\nunderlying driver never receives a 'FLOW_CLS_TMPLT_DESTROY' command when\na qdisc is deleted. This results in a memory leak [1] which can be\nreproduced using [2].\n\nFix by introducing a 'tmplt_reoffload' operation and have the stack\ninvoke it with the appropriate arguments as part of the replay.\nImplement the operation in the sole classifier that supports chain\ntemplates (flower) by emitting the 'FLOW_CLS_TMPLT_{CREATE,DESTROY}'\ncommand based on whether a flow offload callback is being bound to a\nfilter block or being unbound from one.\n\nAs far as I can tell, the issue happens since cited commit which\nreordered tcf_block_offload_unbind() before tcf_block_flush_all_chains()\nin __tcf_block_put(). The order cannot be reversed as the filter block\nis expected to be freed after flushing all the chains.\n\n[1]\nunreferenced object 0xffff888107e28800 (size 2048):\n comm \"tc\", pid 1079, jiffies 4294958525 (age 3074.287s)\n hex dump (first 32 bytes):\n b1 a6 7c 11 81 88 ff ff e0 5b b3 10 81 88 ff ff ..|......[......\n 01 00 00 00 00 00 00 00 e0 aa b0 84 ff ff ff ff ................\n backtrace:\n [<ffffffff81c06a68>] __kmem_cache_alloc_node+0x1e8/0x320\n [<ffffffff81ab374e>] __kmalloc+0x4e/0x90\n [<ffffffff832aec6d>] mlxsw_sp_acl_ruleset_get+0x34d/0x7a0\n [<ffffffff832bc195>] mlxsw_sp_flower_tmplt_create+0x145/0x180\n [<ffffffff832b2e1a>] mlxsw_sp_flow_block_cb+0x1ea/0x280\n [<ffffffff83a10613>] tc_setup_cb_call+0x183/0x340\n [<ffffffff83a9f85a>] fl_tmplt_create+0x3da/0x4c0\n [<ffffffff83a22435>] tc_ctl_chain+0xa15/0x1170\n [<ffffffff838a863c>] rtnetlink_rcv_msg+0x3cc/0xed0\n [<ffffffff83ac87f0>] netlink_rcv_skb+0x170/0x440\n [<ffffffff83ac6270>] netlink_unicast+0x540/0x820\n [<ffffffff83ac6e28>] netlink_sendmsg+0x8d8/0xda0\n [<ffffffff83793def>] ____sys_sendmsg+0x30f/0xa80\n [<ffffffff8379d29a>] ___sys_sendmsg+0x13a/0x1e0\n [<ffffffff8379d50c>] __sys_sendmsg+0x11c/0x1f0\n [<ffffffff843b9ce0>] do_syscall_64+0x40/0xe0\nunreferenced object 0xffff88816d2c0400 (size 1024):\n comm \"tc\", pid 1079, jiffies 4294958525 (age 3074.287s)\n hex dump (first 32 bytes):\n 40 00 00 00 00 00 00 00 57 f6 38 be 00 00 00 00 @.......W.8.....\n 10 04 2c 6d 81 88 ff ff 10 04 2c 6d 81 88 ff ff ..,m......,m....\n backtrace:\n [<ffffffff81c06a68>] __kmem_cache_alloc_node+0x1e8/0x320\n [<ffffffff81ab36c1>] __kmalloc_node+0x51/0x90\n [<ffffffff81a8ed96>] kvmalloc_node+0xa6/0x1f0\n [<ffffffff82827d03>] bucket_table_alloc.isra.0+0x83/0x460\n [<ffffffff82828d2b>] rhashtable_init+0x43b/0x7c0\n [<ffffffff832aed48>] mlxsw_sp_acl_ruleset_get+0x428/0x7a0\n [<ffffffff832bc195>] mlxsw_sp_flower_tmplt_create+0x145/0x180\n [<ffffffff832b2e1a>] mlxsw_sp_flow_block_cb+0x1ea/0x280\n [<ffffffff83a10613>] tc_setup_cb_call+0x183/0x340\n [<ffffffff83a9f85a>] fl_tmplt_create+0x3da/0x4c0\n [<ffffffff83a22435>] tc_ctl_chain+0xa15/0x1170\n [<ffffffff838a863c>] rtnetlink_rcv_msg+0x3cc/0xed0\n [<ffffffff83ac87f0>] netlink_rcv_skb+0x170/0x440\n [<ffffffff83ac6270>] netlink_unicast+0x540/0x820\n [<ffffffff83ac6e28>] netlink_sendmsg+0x8d8/0xda0\n [<ffffffff83793def>] ____sys_sendmsg+0x30f/0xa80\n\n[2]\n # tc qdisc add dev swp1 clsact\n # tc chain add dev swp1 ingress proto ip chain 1 flower dst_ip 0.0.0.0/32\n # tc qdisc del dev\n---truncated---", title: "Vulnerability description", }, { category: "summary", text: "kernel: net/sched: flower: Fix chain template offload", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26669", }, { category: "external", summary: "RHBZ#2272795", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272795", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26669", url: "https://www.cve.org/CVERecord?id=CVE-2024-26669", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26669", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26669", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040237-CVE-2024-26669-ca3c@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040237-CVE-2024-26669-ca3c@gregkh/T", }, ], release_date: "2024-04-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: net/sched: flower: Fix chain template offload", }, { cve: "CVE-2024-26686", cwe: { id: "CWE-413", name: "Improper Resource Locking", }, discovery_date: "2024-04-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2273109", }, ], notes: [ { category: "description", text: "A vulnerability was found in the do_task_stat() function in the Linux kernel, where due to excessive lock contention, a potential hard lockup could be created. This can create a performance bottleneck and lead to kernel unresponsiveness.", title: "Vulnerability description", }, { category: "summary", text: "kernel: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26686", }, { category: "external", summary: "RHBZ#2273109", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273109", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26686", url: "https://www.cve.org/CVERecord?id=CVE-2024-26686", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26686", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26686", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040335-CVE-2024-26686-b22f@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040335-CVE-2024-26686-b22f@gregkh/T", }, ], release_date: "2024-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats", }, { cve: "CVE-2024-26704", cwe: { id: "CWE-415", name: "Double Free", }, discovery_date: "2024-04-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2273174", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Linux kernel. This issue occurs in the ext4 function, in ext4_move_extents(), where an error in updating the moved_len variable can lead to double-free of blocks and corrupt block accounting. This could lead to crashes or undefined behavior.", title: "Vulnerability description", }, { category: "summary", text: "kernel: ext4: fix double-free of blocks due to wrong extents moved_len", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as moderate because this issue could lead to ext4 file system crashes or undefined behavior on the system.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26704", }, { category: "external", summary: "RHBZ#2273174", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273174", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26704", url: "https://www.cve.org/CVERecord?id=CVE-2024-26704", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26704", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26704", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040340-CVE-2024-26704-a082@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040340-CVE-2024-26704-a082@gregkh/T", }, ], release_date: "2024-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: ext4: fix double-free of blocks due to wrong extents moved_len", }, { cve: "CVE-2024-26733", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2024-04-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2273247", }, ], notes: [ { category: "description", text: "A vulnerability was found in the arp_req_get() function in the Linux kernel when handling the SIOCGARP ioctl (input/output control) request. This function copies data over into a fixed-length buffer which could result in a buffer overflow and cause memory corruption, undefined behavior, or crashes.", title: "Vulnerability description", }, { category: "summary", text: "kernel: arp: Prevent overflow in arp_req_get().", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26733", }, { category: "external", summary: "RHBZ#2273247", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273247", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26733", url: "https://www.cve.org/CVERecord?id=CVE-2024-26733", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26733", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26733", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040358-CVE-2024-26733-617f@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040358-CVE-2024-26733-617f@gregkh/T", }, ], release_date: "2024-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: arp: Prevent overflow in arp_req_get().", }, { cve: "CVE-2024-26740", cwe: { id: "CWE-833", name: "Deadlock", }, discovery_date: "2024-04-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2273268", }, ], notes: [ { category: "description", text: "A potential deadlock flaw was found in net/sched/act_mirred.c in the Linux kernel. This may lead to compromised Availability.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net/sched: act_mirred: use the backlog for mirred ingress", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26740", }, { category: "external", summary: "RHBZ#2273268", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273268", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26740", url: "https://www.cve.org/CVERecord?id=CVE-2024-26740", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26740", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26740", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040300-CVE-2024-26740-4d6f@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040300-CVE-2024-26740-4d6f@gregkh/T", }, ], release_date: "2024-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: net/sched: act_mirred: use the backlog for mirred ingress", }, { cve: "CVE-2024-26772", cwe: { id: "CWE-229", name: "Improper Handling of Values", }, discovery_date: "2024-04-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2273242", }, ], notes: [ { category: "description", text: "A vulnerability was found in the ext4_mb_find_by_goal() function in the Linux kernel. This issue could lead to memory corruption or crashes due to the allocation of blocks from a group with a corrupted block bitmap.", title: "Vulnerability description", }, { category: "summary", text: "kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26772", }, { category: "external", summary: "RHBZ#2273242", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273242", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26772", url: "https://www.cve.org/CVERecord?id=CVE-2024-26772", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26772", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26772", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040308-CVE-2024-26772-5168@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040308-CVE-2024-26772-5168@gregkh/T", }, ], release_date: "2024-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()", }, { cve: "CVE-2024-26773", cwe: { id: "CWE-229", name: "Improper Handling of Values", }, discovery_date: "2024-04-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2273236", }, ], notes: [ { category: "description", text: "A vulnerability was found in the ext4_mb_try_best_found() function in the Linux kernel. This issue could lead to memory corruption or crashes due to the allocation of blocks from a group with a corrupted block bitmap.", title: "Vulnerability description", }, { category: "summary", text: "kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26773", }, { category: "external", summary: "RHBZ#2273236", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273236", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26773", url: "https://www.cve.org/CVERecord?id=CVE-2024-26773", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26773", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26773", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040308-CVE-2024-26773-a314@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040308-CVE-2024-26773-a314@gregkh/T", }, ], release_date: "2024-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()", }, { cve: "CVE-2024-26802", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-04-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2273427", }, ], notes: [ { category: "description", text: "A vulnerability was found in the `stmmac` ethernet driver of the Linux kernel, where a workqueue variable was not cleared after being destroyed. This issue could lead to kernel panics if the code later attempted to access or destroy the already-freed workqueue.", title: "Vulnerability description", }, { category: "summary", text: "kernel: stmmac: Clear variable when destroying workqueue", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26802", }, { category: "external", summary: "RHBZ#2273427", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273427", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26802", url: "https://www.cve.org/CVERecord?id=CVE-2024-26802", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26802", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26802", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040403-CVE-2024-26802-b3da@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040403-CVE-2024-26802-b3da@gregkh/T", }, ], release_date: "2024-04-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: stmmac: Clear variable when destroying workqueue", }, { cve: "CVE-2024-26810", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, discovery_date: "2024-04-05T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2273654", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: Lock external INTx masking ops\n\nMask operations through config space changes to DisINTx may race INTx\nconfiguration changes via ioctl. Create wrappers that add locking for\npaths outside of the core interrupt code.\n\nIn particular, irq_type is updated holding igate, therefore testing\nis_intx() requires holding igate. For example clearing DisINTx from\nconfig space can otherwise race changes of the interrupt configuration.\n\nThis aligns interfaces which may trigger the INTx eventfd into two\ncamps, one side serialized by igate and the other only enabled while\nINTx is configured. A subsequent patch introduces synchronization for\nthe latter flows.", title: "Vulnerability description", }, { category: "summary", text: "kernel: vfio/pci: Lock external INTx masking ops", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26810", }, { category: "external", summary: "RHBZ#2273654", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273654", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26810", url: "https://www.cve.org/CVERecord?id=CVE-2024-26810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26810", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26810", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040548-CVE-2024-26810-4371@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040548-CVE-2024-26810-4371@gregkh/T", }, ], release_date: "2024-04-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: vfio/pci: Lock external INTx masking ops", }, { cve: "CVE-2024-26837", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, discovery_date: "2024-04-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2275580", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel. A race condition in network bridge management could lead to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net: bridge: switchdev: Skip MDB replays of deferred events on offload", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26837", }, { category: "external", summary: "RHBZ#2275580", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275580", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26837", url: "https://www.cve.org/CVERecord?id=CVE-2024-26837", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26837", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26837", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024041715-CVE-2024-26837-753c@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024041715-CVE-2024-26837-753c@gregkh/T", }, ], release_date: "2024-04-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: net: bridge: switchdev: Skip MDB replays of deferred events on offload", }, { cve: "CVE-2024-26840", cwe: { id: "CWE-402", name: "Transmission of Private Resources into a New Sphere ('Resource Leak')", }, discovery_date: "2024-04-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2275573", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix memory leak in cachefiles_add_cache()\n\nThe following memory leak was reported after unbinding /dev/cachefiles:\n\n==================================================================\nunreferenced object 0xffff9b674176e3c0 (size 192):\n comm \"cachefilesd2\", pid 680, jiffies 4294881224\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc ea38a44b):\n [<ffffffff8eb8a1a5>] kmem_cache_alloc+0x2d5/0x370\n [<ffffffff8e917f86>] prepare_creds+0x26/0x2e0\n [<ffffffffc002eeef>] cachefiles_determine_cache_security+0x1f/0x120\n [<ffffffffc00243ec>] cachefiles_add_cache+0x13c/0x3a0\n [<ffffffffc0025216>] cachefiles_daemon_write+0x146/0x1c0\n [<ffffffff8ebc4a3b>] vfs_write+0xcb/0x520\n [<ffffffff8ebc5069>] ksys_write+0x69/0xf0\n [<ffffffff8f6d4662>] do_syscall_64+0x72/0x140\n [<ffffffff8f8000aa>] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n==================================================================\n\nPut the reference count of cache_cred in cachefiles_daemon_unbind() to\nfix the problem. And also put cache_cred in cachefiles_add_cache() error\nbranch to avoid memory leaks.", title: "Vulnerability description", }, { category: "summary", text: "kernel: cachefiles: fix memory leak in cachefiles_add_cache()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26840", }, { category: "external", summary: "RHBZ#2275573", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275573", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26840", url: "https://www.cve.org/CVERecord?id=CVE-2024-26840", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26840", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26840", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024041715-CVE-2024-26840-057d@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024041715-CVE-2024-26840-057d@gregkh/T", }, ], release_date: "2024-04-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: cachefiles: fix memory leak in cachefiles_add_cache()", }, { cve: "CVE-2024-26843", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2024-04-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2275565", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel. Due to an integer overflow, certain EFI-related memory reservations might receive a size other than expected, leading to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: efi: runtime: Fix potential overflow of soft-reserved region size", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26843", }, { category: "external", summary: "RHBZ#2275565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26843", url: "https://www.cve.org/CVERecord?id=CVE-2024-26843", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26843", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26843", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024041716-CVE-2024-26843-51a0@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024041716-CVE-2024-26843-51a0@gregkh/T", }, ], release_date: "2024-04-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: efi: runtime: Fix potential overflow of soft-reserved region size", }, { cve: "CVE-2024-26852", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-04-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2275761", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in ip6_route_mpath_notify() in the Linux kernel. This may lead to a crash.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26852", }, { category: "external", summary: "RHBZ#2275761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275761", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26852", url: "https://www.cve.org/CVERecord?id=CVE-2024-26852", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26852", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26852", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024041723-CVE-2024-26852-0057@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024041723-CVE-2024-26852-0057@gregkh/T", }, ], release_date: "2024-04-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify()", }, { cve: "CVE-2024-26853", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-04-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2275748", }, ], notes: [ { category: "description", text: "A memory corruption flaw was found in the Linux kernel’s Intel(R) Ethernet Controller I225-LM/I225-V driver in how a user generates a high amount of packets. This flaw allows a local user to crash the system.", title: "Vulnerability description", }, { category: "summary", text: "kernel: igc: avoid returning frame twice in XDP_REDIRECT", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26853", }, { category: "external", summary: "RHBZ#2275748", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275748", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26853", url: "https://www.cve.org/CVERecord?id=CVE-2024-26853", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26853", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26853", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024041723-CVE-2024-26853-b549@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024041723-CVE-2024-26853-b549@gregkh/T", }, ], release_date: "2024-04-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: igc: avoid returning frame twice in XDP_REDIRECT", }, { cve: "CVE-2024-26870", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-04-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2275711", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel. A system error can be reliably replicated with specific filesystem settings, allowing an attacker to cause a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26870", }, { category: "external", summary: "RHBZ#2275711", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275711", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26870", url: "https://www.cve.org/CVERecord?id=CVE-2024-26870", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26870", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26870", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26870-7aea@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26870-7aea@gregkh/T", }, ], release_date: "2024-04-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102", }, { cve: "CVE-2024-26878", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-04-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2275694", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nquota: Fix potential NULL pointer dereference\n\nBelow race may cause NULL pointer dereference\n\nP1\t\t\t\t\tP2\ndquot_free_inode\t\t\tquota_off\n\t\t\t\t\t drop_dquot_ref\n\t\t\t\t\t remove_dquot_ref\n\t\t\t\t\t dquots = i_dquot(inode)\n dquots = i_dquot(inode)\n srcu_read_lock\n dquots[cnt]) != NULL (1)\n\t\t\t\t\t dquots[type] = NULL (2)\n spin_lock(&dquots[cnt]->dq_dqb_lock) (3)\n ....\n\nIf dquot_free_inode(or other routines) checks inode's quota pointers (1)\nbefore quota_off sets it to NULL(2) and use it (3) after that, NULL pointer\ndereference will be triggered.\n\nSo let's fix it by using a temporary pointer to avoid this issue.", title: "Vulnerability description", }, { category: "summary", text: "kernel: quota: Fix potential NULL pointer dereference", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26878", }, { category: "external", summary: "RHBZ#2275694", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275694", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26878", url: "https://www.cve.org/CVERecord?id=CVE-2024-26878", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26878", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26878", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024041740-CVE-2024-26878-5748@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024041740-CVE-2024-26878-5748@gregkh/T", }, ], release_date: "2024-04-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: quota: Fix potential NULL pointer dereference", }, { cve: "CVE-2024-26921", cwe: { id: "CWE-124", name: "Buffer Underwrite ('Buffer Underflow')", }, discovery_date: "2024-04-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2275928", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: inet_defrag: prevent sk release while still in use\n\nip_local_out() and other functions can pass skb->sk as function argument.\n\nIf the skb is a fragment and reassembly happens before such function call\nreturns, the sk must not be released.\n\nThis affects skb fragments reassembled via netfilter or similar\nmodules, e.g. openvswitch or ct_act.c, when run as part of tx pipeline.\n\nEric Dumazet made an initial analysis of this bug. Quoting Eric:\n Calling ip_defrag() in output path is also implying skb_orphan(),\n which is buggy because output path relies on sk not disappearing.\n\n A relevant old patch about the issue was :\n 8282f27449bf (\"inet: frag: Always orphan skbs inside ip_defrag()\")\n\n [..]\n\n net/ipv4/ip_output.c depends on skb->sk being set, and probably to an\n inet socket, not an arbitrary one.\n\n If we orphan the packet in ipvlan, then downstream things like FQ\n packet scheduler will not work properly.\n\n We need to change ip_defrag() to only use skb_orphan() when really\n needed, ie whenever frag_list is going to be used.\n\nEric suggested to stash sk in fragment queue and made an initial patch.\nHowever there is a problem with this:\n\nIf skb is refragmented again right after, ip_do_fragment() will copy\nhead->sk to the new fragments, and sets up destructor to sock_wfree.\nIOW, we have no choice but to fix up sk_wmem accouting to reflect the\nfully reassembled skb, else wmem will underflow.\n\nThis change moves the orphan down into the core, to last possible moment.\nAs ip_defrag_offset is aliased with sk_buff->sk member, we must move the\noffset into the FRAG_CB, else skb->sk gets clobbered.\n\nThis allows to delay the orphaning long enough to learn if the skb has\nto be queued or if the skb is completing the reasm queue.\n\nIn the former case, things work as before, skb is orphaned. This is\nsafe because skb gets queued/stolen and won't continue past reasm engine.\n\nIn the latter case, we will steal the skb->sk reference, reattach it to\nthe head skb, and fix up wmem accouting when inet_frag inflates truesize.", title: "Vulnerability description", }, { category: "summary", text: "kernel: inet: inet_defrag: prevent sk release while still in use", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26921", }, { category: "external", summary: "RHBZ#2275928", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275928", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26921", url: "https://www.cve.org/CVERecord?id=CVE-2024-26921", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26921", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26921", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024041819-CVE-2024-26921-e3b3@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024041819-CVE-2024-26921-e3b3@gregkh/T", }, ], release_date: "2024-04-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: inet: inet_defrag: prevent sk release while still in use", }, { cve: "CVE-2024-26925", cwe: { id: "CWE-667", name: "Improper Locking", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2277166", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel’s Netfilter nf_tables module. The issue arises from improper mutex handling during the garbage collection (GC) process. The problem occurs between the critical functions nft_gc_seq_begin() and nft_gc_seq_end(), where a mutex lock is incorrectly released too early, leading to potential race conditions. This issue could allow an asynchronous GC worker to collect expired objects and improperly obtain the released commit lock within the same sequence, potentially causing system instability or data corruption.\nThis vulnerability can be exploited by attackers with local access, leading to unexpected behavior or even privilege escalation under certain conditions. The kernel patch for this issue moves the mutex release to the correct point, ensuring the sequence completes safely before releasing any locks.", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26925", }, { category: "external", summary: "RHBZ#2277166", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2277166", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26925", url: "https://www.cve.org/CVERecord?id=CVE-2024-26925", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26925", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26925", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024042421-CVE-2024-26925-7c19@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024042421-CVE-2024-26925-7c19@gregkh/T", }, ], release_date: "2024-04-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path", }, { cve: "CVE-2024-26940", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278218", }, ], notes: [ { category: "description", text: "A flaw was found in the vmwgfx module in the Linux kernel. Trying to read the /sys/kernel/debug/dri/0/mob_ttm file when the ttm_resource_manager is not allocated will cause a crash, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed", title: "Vulnerability summary", }, { category: "other", text: "This issue can allow a local attacker to cause a system crash, resulting in a denial of service.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26940", }, { category: "external", summary: "RHBZ#2278218", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278218", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26940", url: "https://www.cve.org/CVERecord?id=CVE-2024-26940", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26940", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26940", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050125-CVE-2024-26940-1785@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050125-CVE-2024-26940-1785@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Do not try to read the /sys/kernel/debug/dri/0/mob_ttm file.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed", }, { cve: "CVE-2024-26958", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278182", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in fs/nfs/direct.c in the Linux kernel. This may lead to a crash.", title: "Vulnerability description", }, { category: "summary", text: "kernel: nfs: fix UAF in direct writes", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26958", }, { category: "external", summary: "RHBZ#2278182", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278182", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26958", url: "https://www.cve.org/CVERecord?id=CVE-2024-26958", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26958", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26958", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26958-6c15@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26958-6c15@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: nfs: fix UAF in direct writes", }, { cve: "CVE-2024-26960", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278178", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: swap: fix race between free_swap_and_cache() and swapoff()\n\nThere was previously a theoretical window where swapoff() could run and\nteardown a swap_info_struct while a call to free_swap_and_cache() was\nrunning in another thread. This could cause, amongst other bad\npossibilities, swap_page_trans_huge_swapped() (called by\nfree_swap_and_cache()) to access the freed memory for swap_map.\n\nThis is a theoretical problem and I haven't been able to provoke it from a\ntest case. But there has been agreement based on code review that this is\npossible (see link below).\n\nFix it by using get_swap_device()/put_swap_device(), which will stall\nswapoff(). There was an extra check in _swap_info_get() to confirm that\nthe swap entry was not free. This isn't present in get_swap_device()\nbecause it doesn't make sense in general due to the race between getting\nthe reference and swapoff. So I've added an equivalent check directly in\nfree_swap_and_cache().\n\nDetails of how to provoke one possible issue (thanks to David Hildenbrand\nfor deriving this):\n\n--8<-----\n\n__swap_entry_free() might be the last user and result in\n\"count == SWAP_HAS_CACHE\".\n\nswapoff->try_to_unuse() will stop as soon as soon as si->inuse_pages==0.\n\nSo the question is: could someone reclaim the folio and turn\nsi->inuse_pages==0, before we completed swap_page_trans_huge_swapped().\n\nImagine the following: 2 MiB folio in the swapcache. Only 2 subpages are\nstill references by swap entries.\n\nProcess 1 still references subpage 0 via swap entry.\nProcess 2 still references subpage 1 via swap entry.\n\nProcess 1 quits. Calls free_swap_and_cache().\n-> count == SWAP_HAS_CACHE\n[then, preempted in the hypervisor etc.]\n\nProcess 2 quits. Calls free_swap_and_cache().\n-> count == SWAP_HAS_CACHE\n\nProcess 2 goes ahead, passes swap_page_trans_huge_swapped(), and calls\n__try_to_reclaim_swap().\n\n__try_to_reclaim_swap()->folio_free_swap()->delete_from_swap_cache()->\nput_swap_folio()->free_swap_slot()->swapcache_free_entries()->\nswap_entry_free()->swap_range_free()->\n...\nWRITE_ONCE(si->inuse_pages, si->inuse_pages - nr_entries);\n\nWhat stops swapoff to succeed after process 2 reclaimed the swap cache\nbut before process1 finished its call to swap_page_trans_huge_swapped()?\n\n--8<-----", title: "Vulnerability description", }, { category: "summary", text: "kernel: mm: swap: fix race between free_swap_and_cache() and swapoff()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26960", }, { category: "external", summary: "RHBZ#2278178", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278178", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26960", url: "https://www.cve.org/CVERecord?id=CVE-2024-26960", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26960", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26960", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26960-ad6b@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26960-ad6b@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: mm: swap: fix race between free_swap_and_cache() and swapoff()", }, { cve: "CVE-2024-26961", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278176", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux Kernel where resources are improperly managed in IEEE 802.15.4 networking, leading to a potential use-after-free issue, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: mac802154: fix llsec key resources release in mac802154_llsec_key_del", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26961", }, { category: "external", summary: "RHBZ#2278176", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278176", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26961", url: "https://www.cve.org/CVERecord?id=CVE-2024-26961", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26961", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26961", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26961-408d@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26961-408d@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: mac802154: fix llsec key resources release in mac802154_llsec_key_del", }, { cve: "CVE-2024-27010", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278279", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Fix mirred deadlock on device recursion\n\nWhen the mirred action is used on a classful egress qdisc and a packet is\nmirrored or redirected to self we hit a qdisc lock deadlock.\nSee trace below.\n\n[..... other info removed for brevity....]\n[ 82.890906]\n[ 82.890906] ============================================\n[ 82.890906] WARNING: possible recursive locking detected\n[ 82.890906] 6.8.0-05205-g77fadd89fe2d-dirty #213 Tainted: G W\n[ 82.890906] --------------------------------------------\n[ 82.890906] ping/418 is trying to acquire lock:\n[ 82.890906] ffff888006994110 (&sch->q.lock){+.-.}-{3:3}, at:\n__dev_queue_xmit+0x1778/0x3550\n[ 82.890906]\n[ 82.890906] but task is already holding lock:\n[ 82.890906] ffff888006994110 (&sch->q.lock){+.-.}-{3:3}, at:\n__dev_queue_xmit+0x1778/0x3550\n[ 82.890906]\n[ 82.890906] other info that might help us debug this:\n[ 82.890906] Possible unsafe locking scenario:\n[ 82.890906]\n[ 82.890906] CPU0\n[ 82.890906] ----\n[ 82.890906] lock(&sch->q.lock);\n[ 82.890906] lock(&sch->q.lock);\n[ 82.890906]\n[ 82.890906] *** DEADLOCK ***\n[ 82.890906]\n[..... other info removed for brevity....]\n\nExample setup (eth0->eth0) to recreate\ntc qdisc add dev eth0 root handle 1: htb default 30\ntc filter add dev eth0 handle 1: protocol ip prio 2 matchall \\\n action mirred egress redirect dev eth0\n\nAnother example(eth0->eth1->eth0) to recreate\ntc qdisc add dev eth0 root handle 1: htb default 30\ntc filter add dev eth0 handle 1: protocol ip prio 2 matchall \\\n action mirred egress redirect dev eth1\n\ntc qdisc add dev eth1 root handle 1: htb default 30\ntc filter add dev eth1 handle 1: protocol ip prio 2 matchall \\\n action mirred egress redirect dev eth0\n\nWe fix this by adding an owner field (CPU id) to struct Qdisc set after\nroot qdisc is entered. When the softirq enters it a second time, if the\nqdisc owner is the same CPU, the packet is dropped to break the loop.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net/sched: Fix mirred deadlock on device recursion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-27010", }, { category: "external", summary: "RHBZ#2278279", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278279", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-27010", url: "https://www.cve.org/CVERecord?id=CVE-2024-27010", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-27010", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-27010", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27010-5a68@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27010-5a68@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: net/sched: Fix mirred deadlock on device recursion", }, { cve: "CVE-2024-27011", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278277", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix memleak in map from abort path\n\nThe delete set command does not rely on the transaction object for\nelement removal, therefore, a combination of delete element + delete set\nfrom the abort path could result in restoring twice the refcount of the\nmapping.\n\nCheck for inactive element in the next generation for the delete element\ncommand in the abort path, skip restoring state if next generation bit\nhas been already cleared. This is similar to the activate logic using\nthe set walk iterator.\n\n[ 6170.286929] ------------[ cut here ]------------\n[ 6170.286939] WARNING: CPU: 6 PID: 790302 at net/netfilter/nf_tables_api.c:2086 nf_tables_chain_destroy+0x1f7/0x220 [nf_tables]\n[ 6170.287071] Modules linked in: [...]\n[ 6170.287633] CPU: 6 PID: 790302 Comm: kworker/6:2 Not tainted 6.9.0-rc3+ #365\n[ 6170.287768] RIP: 0010:nf_tables_chain_destroy+0x1f7/0x220 [nf_tables]\n[ 6170.287886] Code: df 48 8d 7d 58 e8 69 2e 3b df 48 8b 7d 58 e8 80 1b 37 df 48 8d 7d 68 e8 57 2e 3b df 48 8b 7d 68 e8 6e 1b 37 df 48 89 ef eb c4 <0f> 0b 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 0f\n[ 6170.287895] RSP: 0018:ffff888134b8fd08 EFLAGS: 00010202\n[ 6170.287904] RAX: 0000000000000001 RBX: ffff888125bffb28 RCX: dffffc0000000000\n[ 6170.287912] RDX: 0000000000000003 RSI: ffffffffa20298ab RDI: ffff88811ebe4750\n[ 6170.287919] RBP: ffff88811ebe4700 R08: ffff88838e812650 R09: fffffbfff0623a55\n[ 6170.287926] R10: ffffffff8311d2af R11: 0000000000000001 R12: ffff888125bffb10\n[ 6170.287933] R13: ffff888125bffb10 R14: dead000000000122 R15: dead000000000100\n[ 6170.287940] FS: 0000000000000000(0000) GS:ffff888390b00000(0000) knlGS:0000000000000000\n[ 6170.287948] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 6170.287955] CR2: 00007fd31fc00710 CR3: 0000000133f60004 CR4: 00000000001706f0\n[ 6170.287962] Call Trace:\n[ 6170.287967] <TASK>\n[ 6170.287973] ? __warn+0x9f/0x1a0\n[ 6170.287986] ? nf_tables_chain_destroy+0x1f7/0x220 [nf_tables]\n[ 6170.288092] ? report_bug+0x1b1/0x1e0\n[ 6170.287986] ? nf_tables_chain_destroy+0x1f7/0x220 [nf_tables]\n[ 6170.288092] ? report_bug+0x1b1/0x1e0\n[ 6170.288104] ? handle_bug+0x3c/0x70\n[ 6170.288112] ? exc_invalid_op+0x17/0x40\n[ 6170.288120] ? asm_exc_invalid_op+0x1a/0x20\n[ 6170.288132] ? nf_tables_chain_destroy+0x2b/0x220 [nf_tables]\n[ 6170.288243] ? nf_tables_chain_destroy+0x1f7/0x220 [nf_tables]\n[ 6170.288366] ? nf_tables_chain_destroy+0x2b/0x220 [nf_tables]\n[ 6170.288483] nf_tables_trans_destroy_work+0x588/0x590 [nf_tables]", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: nf_tables: fix memleak in map from abort path", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-27011", }, { category: "external", summary: "RHBZ#2278277", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278277", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-27011", url: "https://www.cve.org/CVERecord?id=CVE-2024-27011", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-27011", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-27011", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27011-2c70@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27011-2c70@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: netfilter: nf_tables: fix memleak in map from abort path", }, { cve: "CVE-2024-27019", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278258", }, ], notes: [ { category: "description", text: "A potential data-race flaw was found in __nft_obj_type_get() in the Linux kernel. This issue can lead to a crash.", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-27019", }, { category: "external", summary: "RHBZ#2278258", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278258", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-27019", url: "https://www.cve.org/CVERecord?id=CVE-2024-27019", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-27019", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-27019", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050150-CVE-2024-27019-e3d4@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050150-CVE-2024-27019-e3d4@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()", }, { cve: "CVE-2024-27020", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278256", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel. A potential data-race in the __nft_expr_type_get() function exists.", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-27020", }, { category: "external", summary: "RHBZ#2278256", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278256", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-27020", url: "https://www.cve.org/CVERecord?id=CVE-2024-27020", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-27020", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-27020", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050150-CVE-2024-27020-5158@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050150-CVE-2024-27020-5158@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()", }, { cve: "CVE-2024-27025", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278484", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: null check for nla_nest_start\n\nnla_nest_start() may fail and return NULL. Insert a check and set errno\nbased on other call sites within the same source code.", title: "Vulnerability description", }, { category: "summary", text: "kernel: nbd: null check for nla_nest_start", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-27025", }, { category: "external", summary: "RHBZ#2278484", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278484", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-27025", url: "https://www.cve.org/CVERecord?id=CVE-2024-27025", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-27025", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-27025", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050107-CVE-2024-27025-babd@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050107-CVE-2024-27025-babd@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: nbd: null check for nla_nest_start", }, { cve: "CVE-2024-27065", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278380", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: do not compare internal table flags on updates\n\nRestore skipping transaction if table update does not modify flags.", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: nf_tables: do not compare internal table flags on updates", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-27065", }, { category: "external", summary: "RHBZ#2278380", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278380", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-27065", url: "https://www.cve.org/CVERecord?id=CVE-2024-27065", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-27065", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-27065", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-27065-8c9d@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-27065-8c9d@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: netfilter: nf_tables: do not compare internal table flags on updates", }, { cve: "CVE-2024-27388", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278535", }, ], notes: [ { category: "description", text: "A flaw was found in the auth_rpcgss module in the Linux kernel. A memory leak can occur due to improper error handling, potentially impacting system performance and possibly resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: SUNRPC: fix some memleaks in gssx_dec_option_array", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability does not affect the auth_rpcgss module in the Linux kernel as shipped in Red Hat Enterprise Linux 9 because it already contains the fix for this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-27388", }, { category: "external", summary: "RHBZ#2278535", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278535", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-27388", url: "https://www.cve.org/CVERecord?id=CVE-2024-27388", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-27388", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-27388", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050135-CVE-2024-27388-04eb@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050135-CVE-2024-27388-04eb@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: SUNRPC: fix some memleaks in gssx_dec_option_array", }, { cve: "CVE-2024-27395", discovery_date: "2024-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2280440", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix Use-After-Free in ovs_ct_exit\n\nSince kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof ovs_ct_limit_exit, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net: openvswitch: Fix Use-After-Free in ovs_ct_exit", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-27395", }, { category: "external", summary: "RHBZ#2280440", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2280440", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-27395", url: "https://www.cve.org/CVERecord?id=CVE-2024-27395", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-27395", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-27395", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050836-CVE-2024-27395-573e@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050836-CVE-2024-27395-573e@gregkh/T", }, ], release_date: "2024-05-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: net: openvswitch: Fix Use-After-Free in ovs_ct_exit", }, { cve: "CVE-2024-27434", discovery_date: "2024-05-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281133", }, ], notes: [ { category: "description", text: "CVE-2024-27434 is a flaw in the Linux kernel’s iwlwifi driver related to handling Management Frame Protection (MFP) in certain Wi-Fi configurations. When connecting to an access point using TKIP as the group cipher, the driver incorrectly applies the MFP flag to the Group Temporal Key (GTK), which is not supported in this context. This can result in firmware crashes and instability. The issue has been fixed by ensuring the driver does not set the MFP flag for incompatible group ciphers like TKIP. Updating to a patched kernel version is recommended to resolve this vulnerability.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-27434", }, { category: "external", summary: "RHBZ#2281133", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281133", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-27434", url: "https://www.cve.org/CVERecord?id=CVE-2024-27434", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-27434", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-27434", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051756-CVE-2024-27434-ac61@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051756-CVE-2024-27434-ac61@gregkh/T", }, ], release_date: "2024-05-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK", }, { cve: "CVE-2024-31076", cwe: { id: "CWE-402", name: "Transmission of Private Resources into a New Sphere ('Resource Leak')", }, discovery_date: "2024-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293684", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ngenirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline\n\nThe absence of IRQD_MOVE_PCNTXT prevents immediate effectiveness of\ninterrupt affinity reconfiguration via procfs. Instead, the change is\ndeferred until the next instance of the interrupt being triggered on the\noriginal CPU.\n\nWhen the interrupt next triggers on the original CPU, the new affinity is\nenforced within __irq_move_irq(). A vector is allocated from the new CPU,\nbut the old vector on the original CPU remains and is not immediately\nreclaimed. Instead, apicd->move_in_progress is flagged, and the reclaiming\nprocess is delayed until the next trigger of the interrupt on the new CPU.\n\nUpon the subsequent triggering of the interrupt on the new CPU,\nirq_complete_move() adds a task to the old CPU's vector_cleanup list if it\nremains online. Subsequently, the timer on the old CPU iterates over its\nvector_cleanup list, reclaiming old vectors.\n\nHowever, a rare scenario arises if the old CPU is outgoing before the\ninterrupt triggers again on the new CPU.\n\nIn that case irq_force_complete_move() is not invoked on the outgoing CPU\nto reclaim the old apicd->prev_vector because the interrupt isn't currently\naffine to the outgoing CPU, and irq_needs_fixup() returns false. Even\nthough __vector_schedule_cleanup() is later called on the new CPU, it\ndoesn't reclaim apicd->prev_vector; instead, it simply resets both\napicd->move_in_progress and apicd->prev_vector to 0.\n\nAs a result, the vector remains unreclaimed in vector_matrix, leading to a\nCPU vector leak.\n\nTo address this issue, move the invocation of irq_force_complete_move()\nbefore the irq_needs_fixup() call to reclaim apicd->prev_vector, if the\ninterrupt is currently or used to be affine to the outgoing CPU.\n\nAdditionally, reclaim the vector in __vector_schedule_cleanup() as well,\nfollowing a warning message, although theoretically it should never see\napicd->move_in_progress with apicd->prev_cpu pointing to an offline CPU.", title: "Vulnerability description", }, { category: "summary", text: "kernel: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-31076", }, { category: "external", summary: "RHBZ#2293684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293684", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-31076", url: "https://www.cve.org/CVERecord?id=CVE-2024-31076", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-31076", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-31076", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024062134-CVE-2024-31076-786e@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024062134-CVE-2024-31076-786e@gregkh/T", }, ], release_date: "2024-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline", }, { cve: "CVE-2024-33621", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293657", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound\n\nRaw packet from PF_PACKET socket ontop of an IPv6-backed ipvlan device will\nhit WARN_ON_ONCE() in sk_mc_loop() through sch_direct_xmit() path.\n\nWARNING: CPU: 2 PID: 0 at net/core/sock.c:775 sk_mc_loop+0x2d/0x70\nModules linked in: sch_netem ipvlan rfkill cirrus drm_shmem_helper sg drm_kms_helper\nCPU: 2 PID: 0 Comm: swapper/2 Kdump: loaded Not tainted 6.9.0+ #279\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nRIP: 0010:sk_mc_loop+0x2d/0x70\nCode: fa 0f 1f 44 00 00 65 0f b7 15 f7 96 a3 4f 31 c0 66 85 d2 75 26 48 85 ff 74 1c\nRSP: 0018:ffffa9584015cd78 EFLAGS: 00010212\nRAX: 0000000000000011 RBX: ffff91e585793e00 RCX: 0000000002c6a001\nRDX: 0000000000000000 RSI: 0000000000000040 RDI: ffff91e589c0f000\nRBP: ffff91e5855bd100 R08: 0000000000000000 R09: 3d00545216f43d00\nR10: ffff91e584fdcc50 R11: 00000060dd8616f4 R12: ffff91e58132d000\nR13: ffff91e584fdcc68 R14: ffff91e5869ce800 R15: ffff91e589c0f000\nFS: 0000000000000000(0000) GS:ffff91e898100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f788f7c44c0 CR3: 0000000008e1a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n<IRQ>\n ? __warn (kernel/panic.c:693)\n ? sk_mc_loop (net/core/sock.c:760)\n ? report_bug (lib/bug.c:201 lib/bug.c:219)\n ? handle_bug (arch/x86/kernel/traps.c:239)\n ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1))\n ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:621)\n ? sk_mc_loop (net/core/sock.c:760)\n ip6_finish_output2 (net/ipv6/ip6_output.c:83 (discriminator 1))\n ? nf_hook_slow (net/netfilter/core.c:626)\n ip6_finish_output (net/ipv6/ip6_output.c:222)\n ? __pfx_ip6_finish_output (net/ipv6/ip6_output.c:215)\n ipvlan_xmit_mode_l3 (drivers/net/ipvlan/ipvlan_core.c:602) ipvlan\n ipvlan_start_xmit (drivers/net/ipvlan/ipvlan_main.c:226) ipvlan\n dev_hard_start_xmit (net/core/dev.c:3594)\n sch_direct_xmit (net/sched/sch_generic.c:343)\n __qdisc_run (net/sched/sch_generic.c:416)\n net_tx_action (net/core/dev.c:5286)\n handle_softirqs (kernel/softirq.c:555)\n __irq_exit_rcu (kernel/softirq.c:589)\n sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1043)\n\nThe warning triggers as this:\npacket_sendmsg\n packet_snd //skb->sk is packet sk\n __dev_queue_xmit\n __dev_xmit_skb //q->enqueue is not NULL\n __qdisc_run\n sch_direct_xmit\n dev_hard_start_xmit\n ipvlan_start_xmit\n ipvlan_xmit_mode_l3 //l3 mode\n ipvlan_process_outbound //vepa flag\n ipvlan_process_v6_outbound\n ip6_local_out\n __ip6_finish_output\n ip6_finish_output2 //multicast packet\n sk_mc_loop //sk->sk_family is AF_PACKET\n\nCall ip{6}_local_out() with NULL sk in ipvlan as other tunnels to fix this.", title: "Vulnerability description", }, { category: "summary", text: "kernel: ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-33621", }, { category: "external", summary: "RHBZ#2293657", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293657", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-33621", url: "https://www.cve.org/CVERecord?id=CVE-2024-33621", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-33621", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-33621", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024062134-CVE-2024-33621-d3a6@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024062134-CVE-2024-33621-d3a6@gregkh/T", }, ], release_date: "2024-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 2.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound", }, { cve: "CVE-2024-35790", discovery_date: "2024-05-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281054", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group\n\nThe DisplayPort driver's sysfs nodes may be present to the userspace before\ntypec_altmode_set_drvdata() completes in dp_altmode_probe. This means that\na sysfs read can trigger a NULL pointer error by deferencing dp->hpd in\nhpd_show or dp->lock in pin_assignment_show, as dev_get_drvdata() returns\nNULL in those cases.\n\nRemove manual sysfs node creation in favor of adding attribute group as\ndefault for devices bound to the driver. The ATTRIBUTE_GROUPS() macro is\nnot used here otherwise the path to the sysfs nodes is no longer compliant\nwith the ABI.", title: "Vulnerability description", }, { category: "summary", text: "kernel: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35790", }, { category: "external", summary: "RHBZ#2281054", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281054", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35790", url: "https://www.cve.org/CVERecord?id=CVE-2024-35790", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35790", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35790", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051708-CVE-2024-35790-6a80@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051708-CVE-2024-35790-6a80@gregkh/T", }, ], release_date: "2024-05-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group", }, { cve: "CVE-2024-35801", discovery_date: "2024-05-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281235", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/fpu: Keep xfd_state in sync with MSR_IA32_XFD\n\nCommit 672365477ae8 (\"x86/fpu: Update XFD state where required\") and\ncommit 8bf26758ca96 (\"x86/fpu: Add XFD state to fpstate\") introduced a\nper CPU variable xfd_state to keep the MSR_IA32_XFD value cached, in\norder to avoid unnecessary writes to the MSR.\n\nOn CPU hotplug MSR_IA32_XFD is reset to the init_fpstate.xfd, which\nwipes out any stale state. But the per CPU cached xfd value is not\nreset, which brings them out of sync.\n\nAs a consequence a subsequent xfd_update_state() might fail to update\nthe MSR which in turn can result in XRSTOR raising a #NM in kernel\nspace, which crashes the kernel.\n\nTo fix this, introduce xfd_set_state() to write xfd_state together\nwith MSR_IA32_XFD, and use it in all places that set MSR_IA32_XFD.", title: "Vulnerability description", }, { category: "summary", text: "kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35801", }, { category: "external", summary: "RHBZ#2281235", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281235", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35801", url: "https://www.cve.org/CVERecord?id=CVE-2024-35801", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35801", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35801", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35801-8038@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35801-8038@gregkh/T", }, ], release_date: "2024-05-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD", }, { cve: "CVE-2024-35807", discovery_date: "2024-05-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281221", }, ], notes: [ { category: "description", text: "A vulnerability was found in the ext4 filesystem in the Linux kernel during on-line resizing operations. When an ext4 filesystem is resized while mounted, it could lead to data corruption.", title: "Vulnerability description", }, { category: "summary", text: "kernel: ext4: fix corruption during on-line resize", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35807", }, { category: "external", summary: "RHBZ#2281221", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281221", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35807", url: "https://www.cve.org/CVERecord?id=CVE-2024-35807", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35807", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35807", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051740-CVE-2024-35807-2a9e@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051740-CVE-2024-35807-2a9e@gregkh/T", }, ], release_date: "2024-05-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: ext4: fix corruption during on-line resize", }, { cve: "CVE-2024-35810", discovery_date: "2024-05-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281215", }, ], notes: [ { category: "description", text: "A vulnerability was found in the drm/vmwgfx driver in the Linux kernel, concerning the lifetime management of the buffer object (BO) cursor memory. This issue occurs due to improper handling of the cursor memory's lifecycle, which could lead to use-after-free errors or crashes.", title: "Vulnerability description", }, { category: "summary", text: "kernel: drm/vmwgfx: Fix the lifetime of the bo cursor memory", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35810", }, { category: "external", summary: "RHBZ#2281215", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281215", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35810", url: "https://www.cve.org/CVERecord?id=CVE-2024-35810", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35810", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35810", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051741-CVE-2024-35810-1b33@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051741-CVE-2024-35810-1b33@gregkh/T", }, ], release_date: "2024-05-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: drm/vmwgfx: Fix the lifetime of the bo cursor memory", }, { cve: "CVE-2024-35814", discovery_date: "2024-05-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281207", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nswiotlb: Fix double-allocation of slots due to broken alignment handling\n\nCommit bbb73a103fbb (\"swiotlb: fix a braino in the alignment check fix\"),\nwhich was a fix for commit 0eee5ae10256 (\"swiotlb: fix slot alignment\nchecks\"), causes a functional regression with vsock in a virtual machine\nusing bouncing via a restricted DMA SWIOTLB pool.\n\nWhen virtio allocates the virtqueues for the vsock device using\ndma_alloc_coherent(), the SWIOTLB search can return page-unaligned\nallocations if 'area->index' was left unaligned by a previous allocation\nfrom the buffer:\n\n # Final address in brackets is the SWIOTLB address returned to the caller\n | virtio-pci 0000:00:07.0: orig_addr 0x0 alloc_size 0x2000, iotlb_align_mask 0x800 stride 0x2: got slot 1645-1649/7168 (0x98326800)\n | virtio-pci 0000:00:07.0: orig_addr 0x0 alloc_size 0x2000, iotlb_align_mask 0x800 stride 0x2: got slot 1649-1653/7168 (0x98328800)\n | virtio-pci 0000:00:07.0: orig_addr 0x0 alloc_size 0x2000, iotlb_align_mask 0x800 stride 0x2: got slot 1653-1657/7168 (0x9832a800)\n\nThis ends badly (typically buffer corruption and/or a hang) because\nswiotlb_alloc() is expecting a page-aligned allocation and so blindly\nreturns a pointer to the 'struct page' corresponding to the allocation,\ntherefore double-allocating the first half (2KiB slot) of the 4KiB page.\n\nFix the problem by treating the allocation alignment separately to any\nadditional alignment requirements from the device, using the maximum\nof the two as the stride to search the buffer slots and taking care\nto ensure a minimum of page-alignment for buffers larger than a page.\n\nThis also resolves swiotlb allocation failures occuring due to the\ninclusion of ~PAGE_MASK in 'iotlb_align_mask' for large allocations and\nresulting in alignment requirements exceeding swiotlb_max_mapping_size().", title: "Vulnerability description", }, { category: "summary", text: "kernel: swiotlb: Fix double-allocation of slots due to broken alignment handling", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35814", }, { category: "external", summary: "RHBZ#2281207", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281207", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35814", url: "https://www.cve.org/CVERecord?id=CVE-2024-35814", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35814", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35814", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051742-CVE-2024-35814-98c7@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051742-CVE-2024-35814-98c7@gregkh/T", }, ], release_date: "2024-05-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: swiotlb: Fix double-allocation of slots due to broken alignment handling", }, { cve: "CVE-2024-35847", discovery_date: "2024-05-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281268", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v3-its: Prevent double free on error\n\nThe error handling path in its_vpe_irq_domain_alloc() causes a double free\nwhen its_vpe_init() fails after successfully allocating at least one\ninterrupt. This happens because its_vpe_irq_domain_free() frees the\ninterrupts along with the area bitmap and the vprop_page and\nits_vpe_irq_domain_alloc() subsequently frees the area bitmap and the\nvprop_page again.\n\nFix this by unconditionally invoking its_vpe_irq_domain_free() which\nhandles all cases correctly and by removing the bitmap/vprop_page freeing\nfrom its_vpe_irq_domain_alloc().\n\n[ tglx: Massaged change log ]", title: "Vulnerability description", }, { category: "summary", text: "kernel: irqchip/gic-v3-its: Prevent double free on error", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35847", }, { category: "external", summary: "RHBZ#2281268", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281268", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35847", url: "https://www.cve.org/CVERecord?id=CVE-2024-35847", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35847", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35847", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35847-7e4b@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35847-7e4b@gregkh/T", }, ], release_date: "2024-05-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: irqchip/gic-v3-its: Prevent double free on error", }, { cve: "CVE-2024-35876", discovery_date: "2024-05-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281725", }, ], notes: [ { category: "description", text: "[REJECTED CVE] In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mce: Make sure to grab mce_sysfs_mutex in set_bank()\n\nThe Linux kernel CVE team has assigned CVE-2024-35876 to this issue.\n\nUpstream advisory:\nhttps://lore.kernel.org/linux-cve-announce/2024051943-CVE-2024-35876-d9b5@gregkh/T", title: "Vulnerability description", }, { category: "summary", text: "kernel: x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()", title: "Vulnerability summary", }, { category: "other", text: "This CVE has been rejected upstream:\nhttps://lore.kernel.org/linux-cve-announce/2024052306-REJECTED-8d1c@gregkh/", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35876", }, { category: "external", summary: "RHBZ#2281725", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281725", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35876", url: "https://www.cve.org/CVERecord?id=CVE-2024-35876", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35876", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35876", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051943-CVE-2024-35876-d9b5@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051943-CVE-2024-35876-d9b5@gregkh/T", }, ], release_date: "2024-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()", }, { cve: "CVE-2024-35893", discovery_date: "2024-05-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281682", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_skbmod: prevent kernel-infoleak\n\nsyzbot found that tcf_skbmod_dump() was copying four bytes\nfrom kernel stack to user space [1].\n\nThe issue here is that 'struct tc_skbmod' has a four bytes hole.\n\nWe need to clear the structure before filling fields.\n\n[1]\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n BUG: KMSAN: kernel-infoleak in copy_to_user_iter lib/iov_iter.c:24 [inline]\n BUG: KMSAN: kernel-infoleak in iterate_ubuf include/linux/iov_iter.h:29 [inline]\n BUG: KMSAN: kernel-infoleak in iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\n BUG: KMSAN: kernel-infoleak in iterate_and_advance include/linux/iov_iter.h:271 [inline]\n BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x366/0x2520 lib/iov_iter.c:185\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n copy_to_user_iter lib/iov_iter.c:24 [inline]\n iterate_ubuf include/linux/iov_iter.h:29 [inline]\n iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\n iterate_and_advance include/linux/iov_iter.h:271 [inline]\n _copy_to_iter+0x366/0x2520 lib/iov_iter.c:185\n copy_to_iter include/linux/uio.h:196 [inline]\n simple_copy_to_iter net/core/datagram.c:532 [inline]\n __skb_datagram_iter+0x185/0x1000 net/core/datagram.c:420\n skb_copy_datagram_iter+0x5c/0x200 net/core/datagram.c:546\n skb_copy_datagram_msg include/linux/skbuff.h:4050 [inline]\n netlink_recvmsg+0x432/0x1610 net/netlink/af_netlink.c:1962\n sock_recvmsg_nosec net/socket.c:1046 [inline]\n sock_recvmsg+0x2c4/0x340 net/socket.c:1068\n __sys_recvfrom+0x35a/0x5f0 net/socket.c:2242\n __do_sys_recvfrom net/socket.c:2260 [inline]\n __se_sys_recvfrom net/socket.c:2256 [inline]\n __x64_sys_recvfrom+0x126/0x1d0 net/socket.c:2256\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was stored to memory at:\n pskb_expand_head+0x30f/0x19d0 net/core/skbuff.c:2253\n netlink_trim+0x2c2/0x330 net/netlink/af_netlink.c:1317\n netlink_unicast+0x9f/0x1260 net/netlink/af_netlink.c:1351\n nlmsg_unicast include/net/netlink.h:1144 [inline]\n nlmsg_notify+0x21d/0x2f0 net/netlink/af_netlink.c:2610\n rtnetlink_send+0x73/0x90 net/core/rtnetlink.c:741\n rtnetlink_maybe_send include/linux/rtnetlink.h:17 [inline]\n tcf_add_notify net/sched/act_api.c:2048 [inline]\n tcf_action_add net/sched/act_api.c:2071 [inline]\n tc_ctl_action+0x146e/0x19d0 net/sched/act_api.c:2119\n rtnetlink_rcv_msg+0x1737/0x1900 net/core/rtnetlink.c:6595\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2559\n rtnetlink_rcv+0x34/0x40 net/core/rtnetlink.c:6613\n netlink_unicast_kernel net/netlink/af_netlink.c:1335 [inline]\n netlink_unicast+0xf4c/0x1260 net/netlink/af_netlink.c:1361\n netlink_sendmsg+0x10df/0x11f0 net/netlink/af_netlink.c:1905\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:745\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2584\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n __sys_sendmsg net/socket.c:2667 [inline]\n __do_sys_sendmsg net/socket.c:2676 [inline]\n __se_sys_sendmsg net/socket.c:2674 [inline]\n __x64_sys_sendmsg+0x307/0x4a0 net/socket.c:2674\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was stored to memory at:\n __nla_put lib/nlattr.c:1041 [inline]\n nla_put+0x1c6/0x230 lib/nlattr.c:1099\n tcf_skbmod_dump+0x23f/0xc20 net/sched/act_skbmod.c:256\n tcf_action_dump_old net/sched/act_api.c:1191 [inline]\n tcf_action_dump_1+0x85e/0x970 net/sched/act_api.c:1227\n tcf_action_dump+0x1fd/0x460 net/sched/act_api.c:1251\n tca_get_fill+0x519/0x7a0 net/sched/act_api.c:1628\n tcf_add_notify_msg net/sched/act_api.c:2023 [inline]\n tcf_add_notify net/sched/act_api.c:2042 [inline]\n tcf_action_add net/sched/act_api.c:2071 [inline]\n tc_ctl_action+0x1365/0x19d0 net/sched/act_api.c:2119\n rtnetlink_rcv_msg+0x1737/0x1900 net/core/rtnetlink.c:6595\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netli\n---truncated---", title: "Vulnerability description", }, { category: "summary", text: "kernel: net/sched: act_skbmod: prevent kernel-infoleak", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35893", }, { category: "external", summary: "RHBZ#2281682", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281682", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35893", url: "https://www.cve.org/CVERecord?id=CVE-2024-35893", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35893", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35893", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051949-CVE-2024-35893-5132@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051949-CVE-2024-35893-5132@gregkh/T", }, ], release_date: "2024-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: net/sched: act_skbmod: prevent kernel-infoleak", }, { cve: "CVE-2024-35896", discovery_date: "2024-05-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281675", }, ], notes: [ { category: "description", text: "CVE-2024-35896 is a vulnerability in the Linux kernel's Netfilter component, where the setsockopt function fails to properly validate the length of user-supplied data before copying it into kernel space. This oversight can lead to out-of-bounds memory access, potentially causing system crashes or allowing attackers to execute arbitrary code. The issue has been addressed by implementing appropriate checks on the optlen argument to ensure data is correctly sized before being processed. Users are advised to update their Linux kernel to a version that includes this fix to mitigate potential risks.", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: validate user input for expected length", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35896", }, { category: "external", summary: "RHBZ#2281675", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281675", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35896", url: "https://www.cve.org/CVERecord?id=CVE-2024-35896", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35896", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35896", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051950-CVE-2024-35896-e6b5@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051950-CVE-2024-35896-e6b5@gregkh/T", }, ], release_date: "2024-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: netfilter: validate user input for expected length", }, { cve: "CVE-2024-35897", discovery_date: "2024-05-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281672", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: discard table flag update with pending basechain deletion\n\nHook unregistration is deferred to the commit phase, same occurs with\nhook updates triggered by the table dormant flag. When both commands are\ncombined, this results in deleting a basechain while leaving its hook\nstill registered in the core.", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35897", }, { category: "external", summary: "RHBZ#2281672", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281672", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35897", url: "https://www.cve.org/CVERecord?id=CVE-2024-35897", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35897", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35897", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35897-1585@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35897-1585@gregkh/T", }, ], release_date: "2024-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion", }, { cve: "CVE-2024-35899", discovery_date: "2024-05-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281667", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Linux kernel's Netfilter framework, specifically within the nf_tables component. The issue arises from a race condition between the exit_net function and the destroy work queue, which can lead to use-after-free errors and potential system instability. This vulnerability has been addressed by making sure that any pending destroy work is flushed before releasing network namespaces, thereby preventing the race condition. Users are advised to update their Linux kernel to a version that includes this fix to maintain system stability and security.", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: nf_tables: flush pending destroy work before exit_net release", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35899", }, { category: "external", summary: "RHBZ#2281667", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281667", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35899", url: "https://www.cve.org/CVERecord?id=CVE-2024-35899", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35899", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35899", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35899-c56a@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35899-c56a@gregkh/T", }, ], release_date: "2024-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: netfilter: nf_tables: flush pending destroy work before exit_net release", }, { cve: "CVE-2024-35900", discovery_date: "2024-05-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281664", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject new basechain after table flag update\n\nWhen dormant flag is toggled, hooks are disabled in the commit phase by\niterating over current chains in table (existing and new).\n\nThe following configuration allows for an inconsistent state:\n\n add table x\n add chain x y { type filter hook input priority 0; }\n add table x { flags dormant; }\n add chain x w { type filter hook input priority 1; }\n\nwhich triggers the following warning when trying to unregister chain w\nwhich is already unregistered.\n\n[ 127.322252] WARNING: CPU: 7 PID: 1211 at net/netfilter/core.c:50 1 __nf_unregister_net_hook+0x21a/0x260\n[...]\n[ 127.322519] Call Trace:\n[ 127.322521] <TASK>\n[ 127.322524] ? __warn+0x9f/0x1a0\n[ 127.322531] ? __nf_unregister_net_hook+0x21a/0x260\n[ 127.322537] ? report_bug+0x1b1/0x1e0\n[ 127.322545] ? handle_bug+0x3c/0x70\n[ 127.322552] ? exc_invalid_op+0x17/0x40\n[ 127.322556] ? asm_exc_invalid_op+0x1a/0x20\n[ 127.322563] ? kasan_save_free_info+0x3b/0x60\n[ 127.322570] ? __nf_unregister_net_hook+0x6a/0x260\n[ 127.322577] ? __nf_unregister_net_hook+0x21a/0x260\n[ 127.322583] ? __nf_unregister_net_hook+0x6a/0x260\n[ 127.322590] ? __nf_tables_unregister_hook+0x8a/0xe0 [nf_tables]\n[ 127.322655] nft_table_disable+0x75/0xf0 [nf_tables]\n[ 127.322717] nf_tables_commit+0x2571/0x2620 [nf_tables]", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: nf_tables: reject new basechain after table flag update", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35900", }, { category: "external", summary: "RHBZ#2281664", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281664", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35900", url: "https://www.cve.org/CVERecord?id=CVE-2024-35900", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35900", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35900", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051952-CVE-2024-35900-c2c9@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051952-CVE-2024-35900-c2c9@gregkh/T", }, ], release_date: "2024-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: netfilter: nf_tables: reject new basechain after table flag update", }, { cve: "CVE-2024-35910", discovery_date: "2024-05-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281641", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: properly terminate timers for kernel sockets\n\nWe had various syzbot reports about tcp timers firing after\nthe corresponding netns has been dismantled.\n\nFortunately Josef Bacik could trigger the issue more often,\nand could test a patch I wrote two years ago.\n\nWhen TCP sockets are closed, we call inet_csk_clear_xmit_timers()\nto 'stop' the timers.\n\ninet_csk_clear_xmit_timers() can be called from any context,\nincluding when socket lock is held.\nThis is the reason it uses sk_stop_timer(), aka del_timer().\nThis means that ongoing timers might finish much later.\n\nFor user sockets, this is fine because each running timer\nholds a reference on the socket, and the user socket holds\na reference on the netns.\n\nFor kernel sockets, we risk that the netns is freed before\ntimer can complete, because kernel sockets do not hold\nreference on the netns.\n\nThis patch adds inet_csk_clear_xmit_timers_sync() function\nthat using sk_stop_timer_sync() to make sure all timers\nare terminated before the kernel socket is released.\nModules using kernel sockets close them in their netns exit()\nhandler.\n\nAlso add sock_not_owned_by_me() helper to get LOCKDEP\nsupport : inet_csk_clear_xmit_timers_sync() must not be called\nwhile socket lock is held.\n\nIt is very possible we can revert in the future commit\n3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\")\nwhich attempted to solve the issue in rds only.\n(net/smc/af_smc.c and net/mptcp/subflow.c have similar code)\n\nWe probably can remove the check_net() tests from\ntcp_out_of_resources() and __tcp_close() in the future.", title: "Vulnerability description", }, { category: "summary", text: "kernel: tcp: properly terminate timers for kernel sockets", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35910", }, { category: "external", summary: "RHBZ#2281641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35910", url: "https://www.cve.org/CVERecord?id=CVE-2024-35910", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35910", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35910", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051955-CVE-2024-35910-5f95@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051955-CVE-2024-35910-5f95@gregkh/T", }, ], release_date: "2024-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: tcp: properly terminate timers for kernel sockets", }, { cve: "CVE-2024-35912", discovery_date: "2024-05-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281636", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: rfi: fix potential response leaks\n\nIf the rx payload length check fails, or if kmemdup() fails,\nwe still need to free the command response. Fix that.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: iwlwifi: mvm: rfi: fix potential response leaks", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35912", }, { category: "external", summary: "RHBZ#2281636", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281636", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35912", url: "https://www.cve.org/CVERecord?id=CVE-2024-35912", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35912", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35912", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051956-CVE-2024-35912-b093@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051956-CVE-2024-35912-b093@gregkh/T", }, ], release_date: "2024-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: wifi: iwlwifi: mvm: rfi: fix potential response leaks", }, { cve: "CVE-2024-35924", discovery_date: "2024-05-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281758", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Limit read size on v1.2\n\nBetween UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was\nincreased from 16 to 256. In order to avoid overflowing reads for older\nsystems, add a mechanism to use the read UCSI version to truncate read\nsizes on UCSI v1.2.", title: "Vulnerability description", }, { category: "summary", text: "kernel: usb: typec: ucsi: Limit read size on v1.2", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35924", }, { category: "external", summary: "RHBZ#2281758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281758", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35924", url: "https://www.cve.org/CVERecord?id=CVE-2024-35924", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35924", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35924", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35924-90f6@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35924-90f6@gregkh/T", }, ], release_date: "2024-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: usb: typec: ucsi: Limit read size on v1.2", }, { cve: "CVE-2024-35925", discovery_date: "2024-05-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281752", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: prevent division by zero in blk_rq_stat_sum()\n\nThe expression dst->nr_samples + src->nr_samples may\nhave zero value on overflow. It is necessary to add\na check to avoid division by zero.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace.", title: "Vulnerability description", }, { category: "summary", text: "kernel: block: prevent division by zero in blk_rq_stat_sum()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35925", }, { category: "external", summary: "RHBZ#2281752", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281752", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35925", url: "https://www.cve.org/CVERecord?id=CVE-2024-35925", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35925", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35925", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35925-fa17@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35925-fa17@gregkh/T", }, ], release_date: "2024-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: block: prevent division by zero in blk_rq_stat_sum()", }, { cve: "CVE-2024-35930", discovery_date: "2024-05-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281519", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()\n\nThe call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an\nunsuccessful status. In such cases, the elsiocb is not issued, the\ncompletion is not called, and thus the elsiocb resource is leaked.\n\nCheck return value after calling lpfc_sli4_resume_rpi() and conditionally\nrelease the elsiocb resource.", title: "Vulnerability description", }, { category: "summary", text: "kernel: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35930", }, { category: "external", summary: "RHBZ#2281519", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281519", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35930", url: "https://www.cve.org/CVERecord?id=CVE-2024-35930", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35930", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35930", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051916-CVE-2024-35930-5571@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051916-CVE-2024-35930-5571@gregkh/T", }, ], release_date: "2024-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()", }, { cve: "CVE-2024-35937", discovery_date: "2024-05-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281821", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: check A-MSDU format more carefully\n\nIf it looks like there's another subframe in the A-MSDU\nbut the header isn't fully there, we can end up reading\ndata out of bounds, only to discard later. Make this a\nbit more careful and check if the subframe header can\neven be present.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: cfg80211: check A-MSDU format more carefully", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35937", }, { category: "external", summary: "RHBZ#2281821", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281821", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35937", url: "https://www.cve.org/CVERecord?id=CVE-2024-35937", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35937", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35937", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051918-CVE-2024-35937-0415@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051918-CVE-2024-35937-0415@gregkh/T", }, ], release_date: "2024-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: cfg80211: check A-MSDU format more carefully", }, { cve: "CVE-2024-35938", discovery_date: "2024-05-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281819", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: decrease MHI channel buffer length to 8KB\n\nCurrently buf_len field of ath11k_mhi_config_qca6390 is assigned\nwith 0, making MHI use a default size, 64KB, to allocate channel\nbuffers. This is likely to fail in some scenarios where system\nmemory is highly fragmented and memory compaction or reclaim is\nnot allowed.\n\nThere is a fail report which is caused by it:\nkworker/u32:45: page allocation failure: order:4, mode:0x40c00(GFP_NOIO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0\nCPU: 0 PID: 19318 Comm: kworker/u32:45 Not tainted 6.8.0-rc3-1.gae4495f-default #1 openSUSE Tumbleweed (unreleased) 493b6d5b382c603654d7a81fc3c144d59a1dfceb\nWorkqueue: events_unbound async_run_entry_fn\nCall Trace:\n <TASK>\n dump_stack_lvl+0x47/0x60\n warn_alloc+0x13a/0x1b0\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? __alloc_pages_direct_compact+0xab/0x210\n __alloc_pages_slowpath.constprop.0+0xd3e/0xda0\n __alloc_pages+0x32d/0x350\n ? mhi_prepare_channel+0x127/0x2d0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n __kmalloc_large_node+0x72/0x110\n __kmalloc+0x37c/0x480\n ? mhi_map_single_no_bb+0x77/0xf0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n ? mhi_prepare_channel+0x127/0x2d0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n mhi_prepare_channel+0x127/0x2d0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n __mhi_prepare_for_transfer+0x44/0x80 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n ? __pfx_____mhi_prepare_for_transfer+0x10/0x10 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n device_for_each_child+0x5c/0xa0\n ? __pfx_pci_pm_resume+0x10/0x10\n ath11k_core_resume+0x65/0x100 [ath11k a5094e22d7223135c40d93c8f5321cf09fd85e4e]\n ? srso_alias_return_thunk+0x5/0xfbef5\n ath11k_pci_pm_resume+0x32/0x60 [ath11k_pci 830b7bfc3ea80ebef32e563cafe2cb55e9cc73ec]\n ? srso_alias_return_thunk+0x5/0xfbef5\n dpm_run_callback+0x8c/0x1e0\n device_resume+0x104/0x340\n ? __pfx_dpm_watchdog_handler+0x10/0x10\n async_resume+0x1d/0x30\n async_run_entry_fn+0x32/0x120\n process_one_work+0x168/0x330\n worker_thread+0x2f5/0x410\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xe8/0x120\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n </TASK>\n\nActually those buffers are used only by QMI target -> host communication.\nAnd for WCN6855 and QCA6390, the largest packet size for that is less\nthan 6KB. So change buf_len field to 8KB, which results in order 1\nallocation if page size is 4KB. In this way, we can at least save some\nmemory, and as well as decrease the possibility of allocation failure\nin those scenarios.\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: ath11k: decrease MHI channel buffer length to 8KB", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35938", }, { category: "external", summary: "RHBZ#2281819", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281819", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35938", url: "https://www.cve.org/CVERecord?id=CVE-2024-35938", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35938", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35938", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051918-CVE-2024-35938-0100@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051918-CVE-2024-35938-0100@gregkh/T", }, ], release_date: "2024-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: wifi: ath11k: decrease MHI channel buffer length to 8KB", }, { cve: "CVE-2024-35946", discovery_date: "2024-05-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281833", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: fix null pointer access when abort scan\n\nDuring cancel scan we might use vif that weren't scanning.\nFix this by using the actual scanning vif.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: rtw89: fix null pointer access when abort scan", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35946", }, { category: "external", summary: "RHBZ#2281833", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281833", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35946", url: "https://www.cve.org/CVERecord?id=CVE-2024-35946", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35946", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35946", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051921-CVE-2024-35946-c2c2@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051921-CVE-2024-35946-c2c2@gregkh/T", }, ], release_date: "2024-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: wifi: rtw89: fix null pointer access when abort scan", }, { cve: "CVE-2024-35947", discovery_date: "2024-05-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281510", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndyndbg: fix old BUG_ON in >control parser\n\nFix a BUG_ON from 2009. Even if it looks \"unreachable\" (I didn't\nreally look), lets make sure by removing it, doing pr_err and return\n-EINVAL instead.", title: "Vulnerability description", }, { category: "summary", text: "kernel: dyndbg: fix old BUG_ON in >control parser", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35947", }, { category: "external", summary: "RHBZ#2281510", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281510", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35947", url: "https://www.cve.org/CVERecord?id=CVE-2024-35947", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35947", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35947", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024051952-CVE-2024-35947-09bb@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024051952-CVE-2024-35947-09bb@gregkh/T", }, ], release_date: "2024-05-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: dyndbg: fix old BUG_ON in >control parser", }, { cve: "CVE-2024-35952", discovery_date: "2024-05-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281938", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ast: Fix soft lockup\n\nThere is a while-loop in ast_dp_set_on_off() that could lead to\ninfinite-loop. This is because the register, VGACRI-Dx, checked in\nthis API is a scratch register actually controlled by a MCU, named\nDPMCU, in BMC.\n\nThese scratch registers are protected by scu-lock. If suc-lock is not\noff, DPMCU can not update these registers and then host will have soft\nlockup due to never updated status.\n\nDPMCU is used to control DP and relative registers to handshake with\nhost's VGA driver. Even the most time-consuming task, DP's link\ntraining, is less than 100ms. 200ms should be enough.", title: "Vulnerability description", }, { category: "summary", text: "kernel: drm/ast: Fix soft lockup", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-35952", }, { category: "external", summary: "RHBZ#2281938", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281938", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-35952", url: "https://www.cve.org/CVERecord?id=CVE-2024-35952", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-35952", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-35952", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052017-CVE-2024-35952-645b@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052017-CVE-2024-35952-645b@gregkh/T", }, ], release_date: "2024-05-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: drm/ast: Fix soft lockup", }, { cve: "CVE-2024-36000", discovery_date: "2024-05-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281968", }, ], notes: [ { category: "description", text: "CVE-2024-36000 addresses a synchronization issue in the Linux kernel's management of huge pages. The problem arises when multiple threads modify the reservation map concurrently without proper locking, leading to potential inconsistencies and system instability.", title: "Vulnerability description", }, { category: "summary", text: "kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36000", }, { category: "external", summary: "RHBZ#2281968", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281968", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36000", url: "https://www.cve.org/CVERecord?id=CVE-2024-36000", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36000", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36000", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052023-CVE-2024-36000-cfc4@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052023-CVE-2024-36000-cfc4@gregkh/T", }, ], release_date: "2024-05-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge", }, { cve: "CVE-2024-36005", discovery_date: "2024-05-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281949", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: honor table dormant flag from netdev release event path\n\nCheck for table dormant flag otherwise netdev release event path tries\nto unregister an already unregistered hook.\n\n[524854.857999] ------------[ cut here ]------------\n[524854.858010] WARNING: CPU: 0 PID: 3386599 at net/netfilter/core.c:501 __nf_unregister_net_hook+0x21a/0x260\n[...]\n[524854.858848] CPU: 0 PID: 3386599 Comm: kworker/u32:2 Not tainted 6.9.0-rc3+ #365\n[524854.858869] Workqueue: netns cleanup_net\n[524854.858886] RIP: 0010:__nf_unregister_net_hook+0x21a/0x260\n[524854.858903] Code: 24 e8 aa 73 83 ff 48 63 43 1c 83 f8 01 0f 85 3d ff ff ff e8 98 d1 f0 ff 48 8b 3c 24 e8 8f 73 83 ff 48 63 43 1c e9 26 ff ff ff <0f> 0b 48 83 c4 18 48 c7 c7 00 68 e9 82 5b 5d 41 5c 41 5d 41 5e 41\n[524854.858914] RSP: 0018:ffff8881e36d79e0 EFLAGS: 00010246\n[524854.858926] RAX: 0000000000000000 RBX: ffff8881339ae790 RCX: ffffffff81ba524a\n[524854.858936] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881c8a16438\n[524854.858945] RBP: ffff8881c8a16438 R08: 0000000000000001 R09: ffffed103c6daf34\n[524854.858954] R10: ffff8881e36d79a7 R11: 0000000000000000 R12: 0000000000000005\n[524854.858962] R13: ffff8881c8a16000 R14: 0000000000000000 R15: ffff8881351b5a00\n[524854.858971] FS: 0000000000000000(0000) GS:ffff888390800000(0000) knlGS:0000000000000000\n[524854.858982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[524854.858991] CR2: 00007fc9be0f16f4 CR3: 00000001437cc004 CR4: 00000000001706f0\n[524854.859000] Call Trace:\n[524854.859006] <TASK>\n[524854.859013] ? __warn+0x9f/0x1a0\n[524854.859027] ? __nf_unregister_net_hook+0x21a/0x260\n[524854.859044] ? report_bug+0x1b1/0x1e0\n[524854.859060] ? handle_bug+0x3c/0x70\n[524854.859071] ? exc_invalid_op+0x17/0x40\n[524854.859083] ? asm_exc_invalid_op+0x1a/0x20\n[524854.859100] ? __nf_unregister_net_hook+0x6a/0x260\n[524854.859116] ? __nf_unregister_net_hook+0x21a/0x260\n[524854.859135] nf_tables_netdev_event+0x337/0x390 [nf_tables]\n[524854.859304] ? __pfx_nf_tables_netdev_event+0x10/0x10 [nf_tables]\n[524854.859461] ? packet_notifier+0xb3/0x360\n[524854.859476] ? _raw_spin_unlock_irqrestore+0x11/0x40\n[524854.859489] ? dcbnl_netdevice_event+0x35/0x140\n[524854.859507] ? __pfx_nf_tables_netdev_event+0x10/0x10 [nf_tables]\n[524854.859661] notifier_call_chain+0x7d/0x140\n[524854.859677] unregister_netdevice_many_notify+0x5e1/0xae0", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36005", }, { category: "external", summary: "RHBZ#2281949", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281949", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36005", url: "https://www.cve.org/CVERecord?id=CVE-2024-36005", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36005", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36005", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052024-CVE-2024-36005-2336@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052024-CVE-2024-36005-2336@gregkh/T", }, ], release_date: "2024-05-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path", }, { cve: "CVE-2024-36006", discovery_date: "2024-05-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2281989", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix incorrect list API usage\n\nBoth the function that migrates all the chunks within a region and the\nfunction that migrates all the entries within a chunk call\nlist_first_entry() on the respective lists without checking that the\nlists are not empty. This is incorrect usage of the API, which leads to\nthe following warning [1].\n\nFix by returning if the lists are empty as there is nothing to migrate\nin this case.\n\n[1]\nWARNING: CPU: 0 PID: 6437 at drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c:1266 mlxsw_sp_acl_tcam_vchunk_migrate_all+0x1f1/0>\nModules linked in:\nCPU: 0 PID: 6437 Comm: kworker/0:37 Not tainted 6.9.0-rc3-custom-00883-g94a65f079ef6 #39\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nRIP: 0010:mlxsw_sp_acl_tcam_vchunk_migrate_all+0x1f1/0x2c0\n[...]\nCall Trace:\n <TASK>\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x6c/0x4a0\n process_one_work+0x151/0x370\n worker_thread+0x2cb/0x3e0\n kthread+0xd0/0x100\n ret_from_fork+0x34/0x50\n ret_from_fork_asm+0x1a/0x30\n </TASK>", title: "Vulnerability description", }, { category: "summary", text: "kernel: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36006", }, { category: "external", summary: "RHBZ#2281989", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2281989", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36006", url: "https://www.cve.org/CVERecord?id=CVE-2024-36006", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36006", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36006", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052025-CVE-2024-36006-c032@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052025-CVE-2024-36006-c032@gregkh/T", }, ], release_date: "2024-05-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage", }, { cve: "CVE-2024-36010", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-05-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2282950", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Fix string truncation warnings in igb_set_fw_version\n\nCommit 1978d3ead82c (\"intel: fix string truncation warnings\")\nfixes '-Wformat-truncation=' warnings in igb_main.c by using kasprintf.\n\ndrivers/net/ethernet/intel/igb/igb_main.c:3092:53: warning:‘%d’ directive output may be truncated writing between 1 and 5 bytes into a region of size between 1 and 13 [-Wformat-truncation=]\n 3092 | \"%d.%d, 0x%08x, %d.%d.%d\",\n | ^~\ndrivers/net/ethernet/intel/igb/igb_main.c:3092:34: note:directive argument in the range [0, 65535]\n 3092 | \"%d.%d, 0x%08x, %d.%d.%d\",\n | ^~~~~~~~~~~~~~~~~~~~~~~~~\ndrivers/net/ethernet/intel/igb/igb_main.c:3092:34: note:directive argument in the range [0, 65535]\ndrivers/net/ethernet/intel/igb/igb_main.c:3090:25: note:‘snprintf’ output between 23 and 43 bytes into a destination of size 32\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.\n\nFix this warning by using a larger space for adapter->fw_version,\nand then fall back and continue to use snprintf.", title: "Vulnerability description", }, { category: "summary", text: "kernel: igb: Fix string truncation warnings in igb_set_fw_version", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36010", }, { category: "external", summary: "RHBZ#2282950", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2282950", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36010", url: "https://www.cve.org/CVERecord?id=CVE-2024-36010", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36010", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36010", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052237-CVE-2024-36010-c98b@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052237-CVE-2024-36010-c98b@gregkh/T", }, ], release_date: "2024-05-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: igb: Fix string truncation warnings in igb_set_fw_version", }, { cve: "CVE-2024-36016", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2024-05-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2283894", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Linux kernel's `n_gsm` driver, affecting the `tty` subsystem. It occurs when switching between basic and advanced option modes in GSM multiplexing, leading to potential out-of-bounds memory writes. This happens because certain state variables, like `gsm->len` and `gsm->state`, are not properly reset during mode changes. The issue could result in memory corruption.", title: "Vulnerability description", }, { category: "summary", text: "kernel: tty: n_gsm: fix possible out-of-bounds in gsm0_receive()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36016", }, { category: "external", summary: "RHBZ#2283894", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2283894", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36016", url: "https://www.cve.org/CVERecord?id=CVE-2024-36016", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36016", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36016", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024052947-CVE-2024-36016-d30a@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024052947-CVE-2024-36016-d30a@gregkh/T", }, ], release_date: "2024-05-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: tty: n_gsm: fix possible out-of-bounds in gsm0_receive()", }, { cve: "CVE-2024-36017", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-05-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284417", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation\n\nEach attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a\nstruct ifla_vf_vlan_info so the size of such attribute needs to be at least\nof sizeof(struct ifla_vf_vlan_info) which is 14 bytes.\nThe current size validation in do_setvfinfo is against NLA_HDRLEN (4 bytes)\nwhich is less than sizeof(struct ifla_vf_vlan_info) so this validation\nis not enough and a too small attribute might be cast to a\nstruct ifla_vf_vlan_info, this might result in an out of bands\nread access when accessing the saved (casted) entry in ivvl.", title: "Vulnerability description", }, { category: "summary", text: "kernel: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation", title: "Vulnerability summary", }, { category: "other", text: "Only out of boundary read for some specific condition with precondition could be (that impossible to trigger without privileges for access).", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36017", }, { category: "external", summary: "RHBZ#2284417", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284417", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36017", url: "https://www.cve.org/CVERecord?id=CVE-2024-36017", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36017", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36017", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053015-CVE-2024-36017-bf96@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024053015-CVE-2024-36017-bf96@gregkh/T", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation", }, { cve: "CVE-2024-36020", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, discovery_date: "2024-05-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284400", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel’s Ethernet Controller XL710 family driver. This flaw allows a local user to crash the system.", title: "Vulnerability description", }, { category: "summary", text: "kernel: i40e: fix vf may be used uninitialized in this function warning", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36020", }, { category: "external", summary: "RHBZ#2284400", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284400", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36020", url: "https://www.cve.org/CVERecord?id=CVE-2024-36020", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36020", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36020", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "To mitigate this issue, prevent the i40e module from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to prevent it from loading automatically.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: i40e: fix vf may be used uninitialized in this function warning", }, { cve: "CVE-2024-36025", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2024-05-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284421", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Linux kernel's qla2xxx SCSI driver, specifically in the `qla_edif_app_getstats()` function, where an off-by-one error in array access could lead to memory corruption. This issue affects the `app_reply->elem[]` array, where an incorrect comparison allowed out-of-bounds access.", title: "Vulnerability description", }, { category: "summary", text: "kernel: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36025", }, { category: "external", summary: "RHBZ#2284421", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284421", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36025", url: "https://www.cve.org/CVERecord?id=CVE-2024-36025", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36025", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36025", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053034-CVE-2024-36025-95e0@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024053034-CVE-2024-36025-95e0@gregkh/T", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()", }, { cve: "CVE-2024-36270", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293653", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: tproxy: bail out if IP has been disabled on the device\n\nsyzbot reports:\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]\n[..]\nRIP: 0010:nf_tproxy_laddr4+0xb7/0x340 net/ipv4/netfilter/nf_tproxy_ipv4.c:62\nCall Trace:\n nft_tproxy_eval_v4 net/netfilter/nft_tproxy.c:56 [inline]\n nft_tproxy_eval+0xa9a/0x1a00 net/netfilter/nft_tproxy.c:168\n\n__in_dev_get_rcu() can return NULL, so check for this.", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: tproxy: bail out if IP has been disabled on the device", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36270", }, { category: "external", summary: "RHBZ#2293653", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293653", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36270", url: "https://www.cve.org/CVERecord?id=CVE-2024-36270", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36270", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36270", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024062135-CVE-2024-36270-f7f7@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024062135-CVE-2024-36270-f7f7@gregkh/T", }, ], release_date: "2024-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: netfilter: tproxy: bail out if IP has been disabled on the device", }, { cve: "CVE-2024-36286", cwe: { id: "CWE-667", name: "Improper Locking", }, discovery_date: "2024-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293711", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()\n\nsyzbot reported that nf_reinject() could be called without rcu_read_lock() :\n\nWARNING: suspicious RCU usage\n6.9.0-rc7-syzkaller-02060-g5c1672705a1a #0 Not tainted\n\nnet/netfilter/nfnetlink_queue.c:263 suspicious rcu_dereference_check() usage!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n2 locks held by syz-executor.4/13427:\n #0: ffffffff8e334f60 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline]\n #0: ffffffff8e334f60 (rcu_callback){....}-{0:0}, at: rcu_do_batch kernel/rcu/tree.c:2190 [inline]\n #0: ffffffff8e334f60 (rcu_callback){....}-{0:0}, at: rcu_core+0xa86/0x1830 kernel/rcu/tree.c:2471\n #1: ffff88801ca92958 (&inst->lock){+.-.}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline]\n #1: ffff88801ca92958 (&inst->lock){+.-.}-{2:2}, at: nfqnl_flush net/netfilter/nfnetlink_queue.c:405 [inline]\n #1: ffff88801ca92958 (&inst->lock){+.-.}-{2:2}, at: instance_destroy_rcu+0x30/0x220 net/netfilter/nfnetlink_queue.c:172\n\nstack backtrace:\nCPU: 0 PID: 13427 Comm: syz-executor.4 Not tainted 6.9.0-rc7-syzkaller-02060-g5c1672705a1a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024\nCall Trace:\n <IRQ>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712\n nf_reinject net/netfilter/nfnetlink_queue.c:323 [inline]\n nfqnl_reinject+0x6ec/0x1120 net/netfilter/nfnetlink_queue.c:397\n nfqnl_flush net/netfilter/nfnetlink_queue.c:410 [inline]\n instance_destroy_rcu+0x1ae/0x220 net/netfilter/nfnetlink_queue.c:172\n rcu_do_batch kernel/rcu/tree.c:2196 [inline]\n rcu_core+0xafd/0x1830 kernel/rcu/tree.c:2471\n handle_softirqs+0x2d6/0x990 kernel/softirq.c:554\n __do_softirq kernel/softirq.c:588 [inline]\n invoke_softirq kernel/softirq.c:428 [inline]\n __irq_exit_rcu+0xf4/0x1c0 kernel/softirq.c:637\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:649\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1043\n </IRQ>\n <TASK>", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36286", }, { category: "external", summary: "RHBZ#2293711", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293711", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36286", url: "https://www.cve.org/CVERecord?id=CVE-2024-36286", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36286", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36286", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024062135-CVE-2024-36286-ebd5@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024062135-CVE-2024-36286-ebd5@gregkh/T", }, ], release_date: "2024-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()", }, { cve: "CVE-2024-36489", cwe: { id: "CWE-402", name: "Transmission of Private Resources into a New Sphere ('Resource Leak')", }, discovery_date: "2024-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293687", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix missing memory barrier in tls_init\n\nIn tls_init(), a write memory barrier is missing, and store-store\nreordering may cause NULL dereference in tls_{setsockopt,getsockopt}.\n\nCPU0 CPU1\n----- -----\n// In tls_init()\n// In tls_ctx_create()\nctx = kzalloc()\nctx->sk_proto = READ_ONCE(sk->sk_prot) -(1)\n\n// In update_sk_prot()\nWRITE_ONCE(sk->sk_prot, tls_prots) -(2)\n\n // In sock_common_setsockopt()\n READ_ONCE(sk->sk_prot)->setsockopt()\n\n // In tls_{setsockopt,getsockopt}()\n ctx->sk_proto->setsockopt() -(3)\n\nIn the above scenario, when (1) and (2) are reordered, (3) can observe\nthe NULL value of ctx->sk_proto, causing NULL dereference.\n\nTo fix it, we rely on rcu_assign_pointer() which implies the release\nbarrier semantic. By moving rcu_assign_pointer() after ctx->sk_proto is\ninitialized, we can ensure that ctx->sk_proto are visible when\nchanging sk->sk_prot.", title: "Vulnerability description", }, { category: "summary", text: "kernel: tls: fix missing memory barrier in tls_init", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36489", }, { category: "external", summary: "RHBZ#2293687", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293687", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36489", url: "https://www.cve.org/CVERecord?id=CVE-2024-36489", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36489", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36489", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024062136-CVE-2024-36489-7213@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024062136-CVE-2024-36489-7213@gregkh/T", }, ], release_date: "2024-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: tls: fix missing memory barrier in tls_init", }, { cve: "CVE-2024-36886", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-06-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2277238", }, ], notes: [ { category: "description", text: "A use-after-free (UAF) flaw exists in the Linux Kernel within the reassembly of fragmented TIPC messages, specifically in the tipc_buf_append() function. The issue results due to a lack of checks in the error handling cleanup and can trigger a UAF on \"struct sk_buff\", which may lead to remote code execution.", title: "Vulnerability description", }, { category: "summary", text: "kernel: TIPC message reassembly use-after-free remote code execution vulnerability", title: "Vulnerability summary", }, { category: "other", text: "While the TIPC module is not loaded by default, this flaw might be used as one in a series of attacks. For that reason, and because of the possibility of remote code execution on systems where this module has been loaded, Red Hat assesses the impact of this flaw as Important.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36886", }, { category: "external", summary: "RHBZ#2277238", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2277238", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36886", url: "https://www.cve.org/CVERecord?id=CVE-2024-36886", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36886", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36886", }, { category: "external", summary: "https://lore.kernel.org/all/752f1ccf762223d109845365d07f55414058e5a3.1714484273.git.pabeni@redhat.com/", url: "https://lore.kernel.org/all/752f1ccf762223d109845365d07f55414058e5a3.1714484273.git.pabeni@redhat.com/", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36886-dd83@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36886-dd83@gregkh/T/#u", }, ], release_date: "2024-06-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "The TIPC module is not automatically loaded in default configurations. When required, administrative privileges are required to explicitly load this module.\nTo determine if the TIPC module is loaded, use the following command:\n# grep tipc /proc/modules\nLook for output similar to the following:\ntipc 479232 0 - Live 0xffffffffc1ba5000\nip6_udp_tunnel 16384 1 tipc, Live 0xffffffffc1b9b000\nudp_tunnel 32768 1 tipc, Live 0xffffffffc1b8b000\n\nLoading the module can be prevented with the following instructions:\n# echo \"install tipc /bin/true\" >> /etc/modprobe.d/disable-tipc.conf\nThe system will need to be restarted if the module is loaded. In most circumstances, the TIPC kernel module will be unable to be unloaded while any network interfaces are active and the protocol is in use.\n\nIf the system requires this module to work correctly, this mitigation may not be suitable.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "kernel: TIPC message reassembly use-after-free remote code execution vulnerability", }, { cve: "CVE-2024-36889", cwe: { id: "CWE-665", name: "Improper Initialization", }, discovery_date: "2024-05-30T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284571", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: ensure snd_nxt is properly initialized on connect\n\nChristoph reported a splat hinting at a corrupted snd_una:\n\n WARNING: CPU: 1 PID: 38 at net/mptcp/protocol.c:1005 __mptcp_clean_una+0x4b3/0x620 net/mptcp/protocol.c:1005\n Modules linked in:\n CPU: 1 PID: 38 Comm: kworker/1:1 Not tainted 6.9.0-rc1-gbbeac67456c9 #59\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014\n Workqueue: events mptcp_worker\n RIP: 0010:__mptcp_clean_una+0x4b3/0x620 net/mptcp/protocol.c:1005\n Code: be 06 01 00 00 bf 06 01 00 00 e8 a8 12 e7 fe e9 00 fe ff ff e8\n \t8e 1a e7 fe 0f b7 ab 3e 02 00 00 e9 d3 fd ff ff e8 7d 1a e7 fe\n \t<0f> 0b 4c 8b bb e0 05 00 00 e9 74 fc ff ff e8 6a 1a e7 fe 0f 0b e9\n RSP: 0018:ffffc9000013fd48 EFLAGS: 00010293\n RAX: 0000000000000000 RBX: ffff8881029bd280 RCX: ffffffff82382fe4\n RDX: ffff8881003cbd00 RSI: ffffffff823833c3 RDI: 0000000000000001\n RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000\n R10: 0000000000000000 R11: fefefefefefefeff R12: ffff888138ba8000\n R13: 0000000000000106 R14: ffff8881029bd908 R15: ffff888126560000\n FS: 0000000000000000(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f604a5dae38 CR3: 0000000101dac002 CR4: 0000000000170ef0\n Call Trace:\n <TASK>\n __mptcp_clean_una_wakeup net/mptcp/protocol.c:1055 [inline]\n mptcp_clean_una_wakeup net/mptcp/protocol.c:1062 [inline]\n __mptcp_retrans+0x7f/0x7e0 net/mptcp/protocol.c:2615\n mptcp_worker+0x434/0x740 net/mptcp/protocol.c:2767\n process_one_work+0x1e0/0x560 kernel/workqueue.c:3254\n process_scheduled_works kernel/workqueue.c:3335 [inline]\n worker_thread+0x3c7/0x640 kernel/workqueue.c:3416\n kthread+0x121/0x170 kernel/kthread.c:388\n ret_from_fork+0x44/0x50 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n </TASK>\n\nWhen fallback to TCP happens early on a client socket, snd_nxt\nis not yet initialized and any incoming ack will copy such value\ninto snd_una. If the mptcp worker (dumbly) tries mptcp-level\nre-injection after such ack, that would unconditionally trigger a send\nbuffer cleanup using 'bad' snd_una values.\n\nWe could easily disable re-injection for fallback sockets, but such\ndumb behavior already helped catching a few subtle issues and a very\nlow to zero impact in practice.\n\nInstead address the issue always initializing snd_nxt (and write_seq,\nfor consistency) at connect time.", title: "Vulnerability description", }, { category: "summary", text: "kernel: mptcp: ensure snd_nxt is properly initialized on connect", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36889", }, { category: "external", summary: "RHBZ#2284571", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284571", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36889", url: "https://www.cve.org/CVERecord?id=CVE-2024-36889", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36889", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36889", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36889-222d@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36889-222d@gregkh/T", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: mptcp: ensure snd_nxt is properly initialized on connect", }, { cve: "CVE-2024-36896", cwe: { id: "CWE-170", name: "Improper Null Termination", }, discovery_date: "2024-05-30T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284556", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix access violation during port device removal\n\nTesting with KASAN and syzkaller revealed a bug in port.c:disable_store():\nusb_hub_to_struct_hub() can return NULL if the hub that the port belongs to\nis concurrently removed, but the function does not check for this\npossibility before dereferencing the returned value.\n\nIt turns out that the first dereference is unnecessary, since hub->intfdev\nis the parent of the port device, so it can be changed easily. Adding a\ncheck for hub == NULL prevents further problems.\n\nThe same bug exists in the disable_show() routine, and it can be fixed the\nsame way.", title: "Vulnerability description", }, { category: "summary", text: "kernel: USB: core: Fix access violation during port device removal", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36896", }, { category: "external", summary: "RHBZ#2284556", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284556", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36896", url: "https://www.cve.org/CVERecord?id=CVE-2024-36896", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36896", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36896", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053034-CVE-2024-36896-783f@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024053034-CVE-2024-36896-783f@gregkh/T", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: USB: core: Fix access violation during port device removal", }, { cve: "CVE-2024-36904", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-05-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284541", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the Linux kernel’s TCP protocol in how a local user triggers a complex race condition during connection to the socket. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Vulnerability description", }, { category: "summary", text: "kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36904", }, { category: "external", summary: "RHBZ#2284541", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284541", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36904", url: "https://www.cve.org/CVERecord?id=CVE-2024-36904", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36904", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36904", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053036-CVE-2024-36904-2273@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024053036-CVE-2024-36904-2273@gregkh/T", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().", }, { cve: "CVE-2024-36905", cwe: { id: "CWE-369", name: "Divide By Zero", }, discovery_date: "2024-05-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284539", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets\n\nTCP_SYN_RECV state is really special, it is only used by\ncross-syn connections, mostly used by fuzzers.\n\nIn the following crash [1], syzbot managed to trigger a divide\nby zero in tcp_rcv_space_adjust()\n\nA socket makes the following state transitions,\nwithout ever calling tcp_init_transfer(),\nmeaning tcp_init_buffer_space() is also not called.\n\n TCP_CLOSE\nconnect()\n TCP_SYN_SENT\n TCP_SYN_RECV\nshutdown() -> tcp_shutdown(sk, SEND_SHUTDOWN)\n TCP_FIN_WAIT1\n\nTo fix this issue, change tcp_shutdown() to not\nperform a TCP_SYN_RECV -> TCP_FIN_WAIT1 transition,\nwhich makes no sense anyway.\n\nWhen tcp_rcv_state_process() later changes socket state\nfrom TCP_SYN_RECV to TCP_ESTABLISH, then look at\nsk->sk_shutdown to finally enter TCP_FIN_WAIT1 state,\nand send a FIN packet from a sane socket state.\n\nThis means tcp_send_fin() can now be called from BH\ncontext, and must use GFP_ATOMIC allocations.\n\n[1]\ndivide error: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 1 PID: 5084 Comm: syz-executor358 Not tainted 6.9.0-rc6-syzkaller-00022-g98369dccd2f8 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\n RIP: 0010:tcp_rcv_space_adjust+0x2df/0x890 net/ipv4/tcp_input.c:767\nCode: e3 04 4c 01 eb 48 8b 44 24 38 0f b6 04 10 84 c0 49 89 d5 0f 85 a5 03 00 00 41 8b 8e c8 09 00 00 89 e8 29 c8 48 0f af c3 31 d2 <48> f7 f1 48 8d 1c 43 49 8d 96 76 08 00 00 48 89 d0 48 c1 e8 03 48\nRSP: 0018:ffffc900031ef3f0 EFLAGS: 00010246\nRAX: 0c677a10441f8f42 RBX: 000000004fb95e7e RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000027d4b11f R08: ffffffff89e535a4 R09: 1ffffffff25e6ab7\nR10: dffffc0000000000 R11: ffffffff8135e920 R12: ffff88802a9f8d30\nR13: dffffc0000000000 R14: ffff88802a9f8d00 R15: 1ffff1100553f2da\nFS: 00005555775c0380(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f1155bf2304 CR3: 000000002b9f2000 CR4: 0000000000350ef0\nCall Trace:\n <TASK>\n tcp_recvmsg_locked+0x106d/0x25a0 net/ipv4/tcp.c:2513\n tcp_recvmsg+0x25d/0x920 net/ipv4/tcp.c:2578\n inet6_recvmsg+0x16a/0x730 net/ipv6/af_inet6.c:680\n sock_recvmsg_nosec net/socket.c:1046 [inline]\n sock_recvmsg+0x109/0x280 net/socket.c:1068\n ____sys_recvmsg+0x1db/0x470 net/socket.c:2803\n ___sys_recvmsg net/socket.c:2845 [inline]\n do_recvmmsg+0x474/0xae0 net/socket.c:2939\n __sys_recvmmsg net/socket.c:3018 [inline]\n __do_sys_recvmmsg net/socket.c:3041 [inline]\n __se_sys_recvmmsg net/socket.c:3034 [inline]\n __x64_sys_recvmmsg+0x199/0x250 net/socket.c:3034\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7faeb6363db9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffcc1997168 EFLAGS: 00000246 ORIG_RAX: 000000000000012b\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faeb6363db9\nRDX: 0000000000000001 RSI: 0000000020000bc0 RDI: 0000000000000005\nRBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000001c\nR10: 0000000000000122 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001", title: "Vulnerability description", }, { category: "summary", text: "kernel: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36905", }, { category: "external", summary: "RHBZ#2284539", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284539", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36905", url: "https://www.cve.org/CVERecord?id=CVE-2024-36905", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36905", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36905", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053036-CVE-2024-36905-5884@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024053036-CVE-2024-36905-5884@gregkh/T", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets", }, { cve: "CVE-2024-36917", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2024-05-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284519", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix overflow in blk_ioctl_discard()\n\nThere is no check for overflow of 'start + len' in blk_ioctl_discard().\nHung task occurs if submit an discard ioctl with the following param:\n start = 0x80000000000ff000, len = 0x8000000000fff000;\nAdd the overflow validation now.", title: "Vulnerability description", }, { category: "summary", text: "kernel: block: fix overflow in blk_ioctl_discard()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36917", }, { category: "external", summary: "RHBZ#2284519", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284519", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36917", url: "https://www.cve.org/CVERecord?id=CVE-2024-36917", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36917", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36917", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053039-CVE-2024-36917-f9e3@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024053039-CVE-2024-36917-f9e3@gregkh/T", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: block: fix overflow in blk_ioctl_discard()", }, { cve: "CVE-2024-36921", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-05-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284513", }, ], notes: [ { category: "description", text: "An out-of-bounds memory access flaw was found in the Linux kernel’s Wireless WiFi Link Next-Gen AGN driver in how a user removes it. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: iwlwifi: mvm: guard against invalid STA ID on removal", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36921", }, { category: "external", summary: "RHBZ#2284513", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284513", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36921", url: "https://www.cve.org/CVERecord?id=CVE-2024-36921", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36921", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36921", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053039-CVE-2024-36921-9f90@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024053039-CVE-2024-36921-9f90@gregkh/T", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: iwlwifi: mvm: guard against invalid STA ID on removal", }, { cve: "CVE-2024-36927", cwe: { id: "CWE-99", name: "Improper Control of Resource Identifiers ('Resource Injection')", }, discovery_date: "2024-05-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284500", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: Fix uninit-value access in __ip_make_skb()\n\nKMSAN reported uninit-value access in __ip_make_skb() [1]. __ip_make_skb()\ntests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a\nrace condition. If calling setsockopt(2) with IP_HDRINCL changes HDRINCL\nwhile __ip_make_skb() is running, the function will access icmphdr in the\nskb even if it is not included. This causes the issue reported by KMSAN.\n\nCheck FLOWI_FLAG_KNOWN_NH on fl4->flowi4_flags instead of testing HDRINCL\non the socket.\n\nAlso, fl4->fl4_icmp_type and fl4->fl4_icmp_code are not initialized. These\nare union in struct flowi4 and are implicitly initialized by\nflowi4_init_output(), but we should not rely on specific union layout.\n\nInitialize these explicitly in raw_sendmsg().\n\n[1]\nBUG: KMSAN: uninit-value in __ip_make_skb+0x2b74/0x2d20 net/ipv4/ip_output.c:1481\n __ip_make_skb+0x2b74/0x2d20 net/ipv4/ip_output.c:1481\n ip_finish_skb include/net/ip.h:243 [inline]\n ip_push_pending_frames+0x4c/0x5c0 net/ipv4/ip_output.c:1508\n raw_sendmsg+0x2381/0x2690 net/ipv4/raw.c:654\n inet_sendmsg+0x27b/0x2a0 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x274/0x3c0 net/socket.c:745\n __sys_sendto+0x62c/0x7b0 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x130/0x200 net/socket.c:2199\n do_syscall_64+0xd8/0x1f0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3804 [inline]\n slab_alloc_node mm/slub.c:3845 [inline]\n kmem_cache_alloc_node+0x5f6/0xc50 mm/slub.c:3888\n kmalloc_reserve+0x13c/0x4a0 net/core/skbuff.c:577\n __alloc_skb+0x35a/0x7c0 net/core/skbuff.c:668\n alloc_skb include/linux/skbuff.h:1318 [inline]\n __ip_append_data+0x49ab/0x68c0 net/ipv4/ip_output.c:1128\n ip_append_data+0x1e7/0x260 net/ipv4/ip_output.c:1365\n raw_sendmsg+0x22b1/0x2690 net/ipv4/raw.c:648\n inet_sendmsg+0x27b/0x2a0 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x274/0x3c0 net/socket.c:745\n __sys_sendto+0x62c/0x7b0 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x130/0x200 net/socket.c:2199\n do_syscall_64+0xd8/0x1f0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nCPU: 1 PID: 15709 Comm: syz-executor.7 Not tainted 6.8.0-11567-gb3603fcb79b1 #25\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014", title: "Vulnerability description", }, { category: "summary", text: "kernel: ipv4: Fix uninit-value access in __ip_make_skb()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36927", }, { category: "external", summary: "RHBZ#2284500", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284500", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36927", url: "https://www.cve.org/CVERecord?id=CVE-2024-36927", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36927", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36927", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053040-CVE-2024-36927-976e@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024053040-CVE-2024-36927-976e@gregkh/T", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: ipv4: Fix uninit-value access in __ip_make_skb()", }, { cve: "CVE-2024-36929", cwe: { id: "CWE-822", name: "Untrusted Pointer Dereference", }, discovery_date: "2024-05-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284496", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: core: reject skb_copy(_expand) for fraglist GSO skbs\n\nSKB_GSO_FRAGLIST skbs must not be linearized, otherwise they become\ninvalid. Return NULL if such an skb is passed to skb_copy or\nskb_copy_expand, in order to prevent a crash on a potential later\ncall to skb_gso_segment.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36929", }, { category: "external", summary: "RHBZ#2284496", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284496", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36929", url: "https://www.cve.org/CVERecord?id=CVE-2024-36929", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36929", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36929", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053041-CVE-2024-36929-0329@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024053041-CVE-2024-36929-0329@gregkh/T", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs", }, { cve: "CVE-2024-36933", cwe: { id: "CWE-457", name: "Use of Uninitialized Variable", }, discovery_date: "2024-05-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284488", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment().\n\nsyzbot triggered various splats (see [0] and links) by a crafted GSO\npacket of VIRTIO_NET_HDR_GSO_UDP layering the following protocols:\n\n ETH_P_8021AD + ETH_P_NSH + ETH_P_IPV6 + IPPROTO_UDP\n\nNSH can encapsulate IPv4, IPv6, Ethernet, NSH, and MPLS. As the inner\nprotocol can be Ethernet, NSH GSO handler, nsh_gso_segment(), calls\nskb_mac_gso_segment() to invoke inner protocol GSO handlers.\n\nnsh_gso_segment() does the following for the original skb before\ncalling skb_mac_gso_segment()\n\n 1. reset skb->network_header\n 2. save the original skb->{mac_heaeder,mac_len} in a local variable\n 3. pull the NSH header\n 4. resets skb->mac_header\n 5. set up skb->mac_len and skb->protocol for the inner protocol.\n\nand does the following for the segmented skb\n\n 6. set ntohs(ETH_P_NSH) to skb->protocol\n 7. push the NSH header\n 8. restore skb->mac_header\n 9. set skb->mac_header + mac_len to skb->network_header\n 10. restore skb->mac_len\n\nThere are two problems in 6-7 and 8-9.\n\n (a)\n After 6 & 7, skb->data points to the NSH header, so the outer header\n (ETH_P_8021AD in this case) is stripped when skb is sent out of netdev.\n\n Also, if NSH is encapsulated by NSH + Ethernet (so NSH-Ethernet-NSH),\n skb_pull() in the first nsh_gso_segment() will make skb->data point\n to the middle of the outer NSH or Ethernet header because the Ethernet\n header is not pulled by the second nsh_gso_segment().\n\n (b)\n While restoring skb->{mac_header,network_header} in 8 & 9,\n nsh_gso_segment() does not assume that the data in the linear\n buffer is shifted.\n\n However, udp6_ufo_fragment() could shift the data and change\n skb->mac_header accordingly as demonstrated by syzbot.\n\n If this happens, even the restored skb->mac_header points to\n the middle of the outer header.\n\nIt seems nsh_gso_segment() has never worked with outer headers so far.\n\nAt the end of nsh_gso_segment(), the outer header must be restored for\nthe segmented skb, instead of the NSH header.\n\nTo do that, let's calculate the outer header position relatively from\nthe inner header and set skb->{data,mac_header,protocol} properly.\n\n[0]:\nBUG: KMSAN: uninit-value in ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:524 [inline]\nBUG: KMSAN: uninit-value in ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\nBUG: KMSAN: uninit-value in ipvlan_queue_xmit+0xf44/0x16b0 drivers/net/ipvlan/ipvlan_core.c:668\n ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:524 [inline]\n ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\n ipvlan_queue_xmit+0xf44/0x16b0 drivers/net/ipvlan/ipvlan_core.c:668\n ipvlan_start_xmit+0x5c/0x1a0 drivers/net/ipvlan/ipvlan_main.c:222\n __netdev_start_xmit include/linux/netdevice.h:4989 [inline]\n netdev_start_xmit include/linux/netdevice.h:5003 [inline]\n xmit_one net/core/dev.c:3547 [inline]\n dev_hard_start_xmit+0x244/0xa10 net/core/dev.c:3563\n __dev_queue_xmit+0x33ed/0x51c0 net/core/dev.c:4351\n dev_queue_xmit include/linux/netdevice.h:3171 [inline]\n packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3081 [inline]\n packet_sendmsg+0x8aef/0x9f10 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3819 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n __do_kmalloc_node mm/slub.c:3980 [inline]\n __kmalloc_node_track_caller+0x705/0x1000 mm/slub.c:4001\n kmalloc_reserve+0x249/0x4a0 net/core/skbuff.c:582\n __\n---truncated---", title: "Vulnerability description", }, { category: "summary", text: "kernel: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment().", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36933", }, { category: "external", summary: "RHBZ#2284488", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284488", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36933", url: "https://www.cve.org/CVERecord?id=CVE-2024-36933", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36933", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36933", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053042-CVE-2024-36933-444e@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024053042-CVE-2024-36933-444e@gregkh/T", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment().", }, { cve: "CVE-2024-36940", cwe: { id: "CWE-415", name: "Double Free", }, discovery_date: "2024-05-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284477", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: core: delete incorrect free in pinctrl_enable()\n\nThe \"pctldev\" struct is allocated in devm_pinctrl_register_and_init().\nIt's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(),\nso freeing it in pinctrl_enable() will lead to a double free.\n\nThe devm_pinctrl_dev_release() function frees the pindescs and destroys\nthe mutex as well.", title: "Vulnerability description", }, { category: "summary", text: "kernel: pinctrl: core: delete incorrect free in pinctrl_enable()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36940", }, { category: "external", summary: "RHBZ#2284477", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284477", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36940", url: "https://www.cve.org/CVERecord?id=CVE-2024-36940", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36940", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36940", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053043-CVE-2024-36940-0c83@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024053043-CVE-2024-36940-0c83@gregkh/T", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 2.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: pinctrl: core: delete incorrect free in pinctrl_enable()", }, { cve: "CVE-2024-36941", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-05-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284474", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: don't free NULL coalescing rule\n\nIf the parsing fails, we can dereference a NULL pointer here.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: nl80211: don't free NULL coalescing rule", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36941", }, { category: "external", summary: "RHBZ#2284474", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284474", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36941", url: "https://www.cve.org/CVERecord?id=CVE-2024-36941", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36941", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36941", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053043-CVE-2024-36941-b3a3@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024053043-CVE-2024-36941-b3a3@gregkh/T", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: nl80211: don't free NULL coalescing rule", }, { cve: "CVE-2024-36950", cwe: { id: "CWE-99", name: "Improper Control of Resource Identifiers ('Resource Injection')", }, discovery_date: "2024-05-30T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284625", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: ohci: mask bus reset interrupts between ISR and bottom half\n\nIn the FireWire OHCI interrupt handler, if a bus reset interrupt has\noccurred, mask bus reset interrupts until bus_reset_work has serviced and\ncleared the interrupt.\n\nNormally, we always leave bus reset interrupts masked. We infer the bus\nreset from the self-ID interrupt that happens shortly thereafter. A\nscenario where we unmask bus reset interrupts was introduced in 2008 in\na007bb857e0b26f5d8b73c2ff90782d9c0972620: If\nOHCI_PARAM_DEBUG_BUSRESETS (8) is set in the debug parameter bitmask, we\nwill unmask bus reset interrupts so we can log them.\n\nirq_handler logs the bus reset interrupt. However, we can't clear the bus\nreset event flag in irq_handler, because we won't service the event until\nlater. irq_handler exits with the event flag still set. If the\ncorresponding interrupt is still unmasked, the first bus reset will\nusually freeze the system due to irq_handler being called again each\ntime it exits. This freeze can be reproduced by loading firewire_ohci\nwith \"modprobe firewire_ohci debug=-1\" (to enable all debugging output).\nApparently there are also some cases where bus_reset_work will get called\nsoon enough to clear the event, and operation will continue normally.\n\nThis freeze was first reported a few months after a007bb85 was committed,\nbut until now it was never fixed. The debug level could safely be set\nto -1 through sysfs after the module was loaded, but this would be\nineffectual in logging bus reset interrupts since they were only\nunmasked during initialization.\n\nirq_handler will now leave the event flag set but mask bus reset\ninterrupts, so irq_handler won't be called again and there will be no\nfreeze. If OHCI_PARAM_DEBUG_BUSRESETS is enabled, bus_reset_work will\nunmask the interrupt after servicing the event, so future interrupts\nwill be caught as desired.\n\nAs a side effect to this change, OHCI_PARAM_DEBUG_BUSRESETS can now be\nenabled through sysfs in addition to during initial module loading.\nHowever, when enabled through sysfs, logging of bus reset interrupts will\nbe effective only starting with the second bus reset, after\nbus_reset_work has executed.", title: "Vulnerability description", }, { category: "summary", text: "kernel: firewire: ohci: mask bus reset interrupts between ISR and bottom half", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36950", }, { category: "external", summary: "RHBZ#2284625", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284625", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36950", url: "https://www.cve.org/CVERecord?id=CVE-2024-36950", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36950", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36950", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053040-CVE-2024-36950-9f0e@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024053040-CVE-2024-36950-9f0e@gregkh/T", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: firewire: ohci: mask bus reset interrupts between ISR and bottom half", }, { cve: "CVE-2024-36954", cwe: { id: "CWE-402", name: "Transmission of Private Resources into a New Sphere ('Resource Leak')", }, discovery_date: "2024-05-30T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2284590", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix a possible memleak in tipc_buf_append\n\n__skb_linearize() doesn't free the skb when it fails, so move\n'*buf = NULL' after __skb_linearize(), so that the skb can be\nfreed on the err path.", title: "Vulnerability description", }, { category: "summary", text: "kernel: tipc: fix a possible memleak in tipc_buf_append", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36954", }, { category: "external", summary: "RHBZ#2284590", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2284590", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36954", url: "https://www.cve.org/CVERecord?id=CVE-2024-36954", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36954", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36954", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024053040-CVE-2024-36954-b1b8@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024053040-CVE-2024-36954-b1b8@gregkh/T", }, ], release_date: "2024-05-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: tipc: fix a possible memleak in tipc_buf_append", }, { cve: "CVE-2024-36960", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-06-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2290408", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix invalid reads in fence signaled events\n\nCorrectly set the length of the drm_event to the size of the structure\nthat's actually used.\n\nThe length of the drm_event was set to the parent structure instead of\nto the drm_vmw_event_fence which is supposed to be read. drm_read\nuses the length parameter to copy the event to the user space thus\nresuling in oob reads.", title: "Vulnerability description", }, { category: "summary", text: "kernel: drm/vmwgfx: Fix invalid reads in fence signaled events", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36960", }, { category: "external", summary: "RHBZ#2290408", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2290408", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36960", url: "https://www.cve.org/CVERecord?id=CVE-2024-36960", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36960", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36960", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024060341-CVE-2024-36960-d1bf@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024060341-CVE-2024-36960-d1bf@gregkh/T", }, ], release_date: "2024-06-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: drm/vmwgfx: Fix invalid reads in fence signaled events", }, { cve: "CVE-2024-36971", discovery_date: "2024-06-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2292331", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the Linux kernel's network route management. This flaw allows an attacker to alter the behavior of certain network connections.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net: kernel: UAF in network route management", title: "Vulnerability summary", }, { category: "other", text: "Environments which use third-party KABI modules may experience kernel crashes after applying errata for CVE-2024-36971. Contact your module vendor about an update. Until these third party modules can be fixed, you can prevent crashes by disabling them. This problem stems from modules which use the `negative_advice()` function.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36971", }, { category: "external", summary: "RHBZ#2292331", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2292331", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36971", url: "https://www.cve.org/CVERecord?id=CVE-2024-36971", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36971", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36971", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T", url: "https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2024-06-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "exploit_status", date: "2024-08-07T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Important", }, ], title: "kernel: net: kernel: UAF in network route management", }, { cve: "CVE-2024-36978", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2024-06-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293078", }, ], notes: [ { category: "description", text: "An out-of-bounds write flaw was found in the Linux kernel's multiq qdisc functionality. This vulnerability allows a local user to crash or potentially escalate their privileges on the system.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune()", title: "Vulnerability summary", }, { category: "other", text: "This issue is for a specific configuration when the multiq of qdisc is being used. It is not easy to trigger unless the user is privileged because, apart from enabling this specific configuration, some complex conditions have to happen.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36978", }, { category: "external", summary: "RHBZ#2293078", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293078", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36978", url: "https://www.cve.org/CVERecord?id=CVE-2024-36978", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36978", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36978", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024061926-CVE-2024-36978-b4b8@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024061926-CVE-2024-36978-b4b8@gregkh/T", }, ], release_date: "2024-06-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "To mitigate this issue, prevent module sch_multiq from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune()", }, { cve: "CVE-2024-36979", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-06-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293276", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in net/bridge/br_mst.c in the Linux kernel. This issue may lead to compromised Confidentiality and Integrity, and can crash.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net: bridge: mst: fix vlan use-after-free", title: "Vulnerability summary", }, { category: "other", text: "Red Hat has determined this vulnerability to be moderate impact, as it is triggered within the bridge vlan processing context, a network-layer operation that mainly affects how vlan states are updated and does not directly/implicitly expose sensitive user-space memory, limiting the confidentiality impact. This processing context does not provide direct control over arbitrary memory writes, limiting the. impact to integrity. The most likely result is a kernel panic or crash.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-36979", }, { category: "external", summary: "RHBZ#2293276", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293276", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-36979", url: "https://www.cve.org/CVERecord?id=CVE-2024-36979", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-36979", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36979", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024061945-CVE-2024-36979-b4a6@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024061945-CVE-2024-36979-b4a6@gregkh/T", }, ], release_date: "2024-06-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: net: bridge: mst: fix vlan use-after-free", }, { cve: "CVE-2024-38538", cwe: { id: "CWE-99", name: "Improper Control of Resource Identifiers ('Resource Injection')", }, discovery_date: "2024-06-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293461", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: xmit: make sure we have at least eth header len bytes\n\nsyzbot triggered an uninit value[1] error in bridge device's xmit path\nby sending a short (less than ETH_HLEN bytes) skb. To fix it check if\nwe can actually pull that amount instead of assuming.\n\nTested with dropwatch:\n drop at: br_dev_xmit+0xb93/0x12d0 [bridge] (0xffffffffc06739b3)\n origin: software\n timestamp: Mon May 13 11:31:53 2024 778214037 nsec\n protocol: 0x88a8\n length: 2\n original length: 2\n drop reason: PKT_TOO_SMALL\n\n[1]\nBUG: KMSAN: uninit-value in br_dev_xmit+0x61d/0x1cb0 net/bridge/br_device.c:65\n br_dev_xmit+0x61d/0x1cb0 net/bridge/br_device.c:65\n __netdev_start_xmit include/linux/netdevice.h:4903 [inline]\n netdev_start_xmit include/linux/netdevice.h:4917 [inline]\n xmit_one net/core/dev.c:3531 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3547\n __dev_queue_xmit+0x34db/0x5350 net/core/dev.c:4341\n dev_queue_xmit include/linux/netdevice.h:3091 [inline]\n __bpf_tx_skb net/core/filter.c:2136 [inline]\n __bpf_redirect_common net/core/filter.c:2180 [inline]\n __bpf_redirect+0x14a6/0x1620 net/core/filter.c:2187\n ____bpf_clone_redirect net/core/filter.c:2460 [inline]\n bpf_clone_redirect+0x328/0x470 net/core/filter.c:2432\n ___bpf_prog_run+0x13fe/0xe0f0 kernel/bpf/core.c:1997\n __bpf_prog_run512+0xb5/0xe0 kernel/bpf/core.c:2238\n bpf_dispatcher_nop_func include/linux/bpf.h:1234 [inline]\n __bpf_prog_run include/linux/filter.h:657 [inline]\n bpf_prog_run include/linux/filter.h:664 [inline]\n bpf_test_run+0x499/0xc30 net/bpf/test_run.c:425\n bpf_prog_test_run_skb+0x14ea/0x1f20 net/bpf/test_run.c:1058\n bpf_prog_test_run+0x6b7/0xad0 kernel/bpf/syscall.c:4269\n __sys_bpf+0x6aa/0xd90 kernel/bpf/syscall.c:5678\n __do_sys_bpf kernel/bpf/syscall.c:5767 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5765 [inline]\n __x64_sys_bpf+0xa0/0xe0 kernel/bpf/syscall.c:5765\n x64_sys_call+0x96b/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:322\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f", title: "Vulnerability description", }, { category: "summary", text: "kernel: net: bridge: xmit: make sure we have at least eth header len bytes", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in is classified as moderate severity because it requires local access and specific packet manipulation to exploit. While it may impact system stability, it does not broadly compromise system security, as its effects remain limited to certain packet-handling scenarios.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38538", }, { category: "external", summary: "RHBZ#2293461", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293461", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38538", url: "https://www.cve.org/CVERecord?id=CVE-2024-38538", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38538", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38538", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024061947-CVE-2024-38538-e28a@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024061947-CVE-2024-38538-e28a@gregkh/T", }, ], release_date: "2024-06-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: net: bridge: xmit: make sure we have at least eth header len bytes", }, { cve: "CVE-2024-38555", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-06-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293444", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Discard command completions in internal error\n\nFix use after free when FW completion arrives while device is in\ninternal error state. Avoid calling completion handler in this case,\nsince the device will flush the command interface and trigger all\ncompletions manually.\n\nKernel log:\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\n...\nRIP: 0010:refcount_warn_saturate+0xd8/0xe0\n...\nCall Trace:\n<IRQ>\n? __warn+0x79/0x120\n? refcount_warn_saturate+0xd8/0xe0\n? report_bug+0x17c/0x190\n? handle_bug+0x3c/0x60\n? exc_invalid_op+0x14/0x70\n? asm_exc_invalid_op+0x16/0x20\n? refcount_warn_saturate+0xd8/0xe0\ncmd_ent_put+0x13b/0x160 [mlx5_core]\nmlx5_cmd_comp_handler+0x5f9/0x670 [mlx5_core]\ncmd_comp_notifier+0x1f/0x30 [mlx5_core]\nnotifier_call_chain+0x35/0xb0\natomic_notifier_call_chain+0x16/0x20\nmlx5_eq_async_int+0xf6/0x290 [mlx5_core]\nnotifier_call_chain+0x35/0xb0\natomic_notifier_call_chain+0x16/0x20\nirq_int_handler+0x19/0x30 [mlx5_core]\n__handle_irq_event_percpu+0x4b/0x160\nhandle_irq_event+0x2e/0x80\nhandle_edge_irq+0x98/0x230\n__common_interrupt+0x3b/0xa0\ncommon_interrupt+0x7b/0xa0\n</IRQ>\n<TASK>\nasm_common_interrupt+0x22/0x40", title: "Vulnerability description", }, { category: "summary", text: "kernel: net/mlx5: Discard command completions in internal error", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38555", }, { category: "external", summary: "RHBZ#2293444", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293444", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38555", url: "https://www.cve.org/CVERecord?id=CVE-2024-38555", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38555", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38555", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024061952-CVE-2024-38555-aefb@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024061952-CVE-2024-38555-aefb@gregkh/T", }, ], release_date: "2024-06-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: net/mlx5: Discard command completions in internal error", }, { cve: "CVE-2024-38573", discovery_date: "2024-06-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293420", }, ], notes: [ { category: "description", text: "A NULL pointer dereference flaw was found in cppc_cpufreq_get_rate() in the Linux kernel. This issue may result in a crash.", title: "Vulnerability description", }, { category: "summary", text: "kernel: cppc_cpufreq: Fix possible null pointer dereference", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38573", }, { category: "external", summary: "RHBZ#2293420", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293420", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38573", url: "https://www.cve.org/CVERecord?id=CVE-2024-38573", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38573", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38573", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024061957-CVE-2024-38573-d4b6@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024061957-CVE-2024-38573-d4b6@gregkh/T", }, ], release_date: "2024-06-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: cppc_cpufreq: Fix possible null pointer dereference", }, { cve: "CVE-2024-38575", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-06-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293418", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: pcie: handle randbuf allocation failure\n\nThe kzalloc() in brcmf_pcie_download_fw_nvram() will return null\nif the physical memory has run out. As a result, if we use\nget_random_bytes() to generate random bytes in the randbuf, the\nnull pointer dereference bug will happen.\n\nIn order to prevent allocation failure, this patch adds a separate\nfunction using buffer on kernel stack to generate random bytes in\nthe randbuf, which could prevent the kernel stack from overflow.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: brcmfmac: pcie: handle randbuf allocation failure", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38575", }, { category: "external", summary: "RHBZ#2293418", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293418", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38575", url: "https://www.cve.org/CVERecord?id=CVE-2024-38575", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38575", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38575", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024061946-CVE-2024-38575-8b6b@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024061946-CVE-2024-38575-8b6b@gregkh/T", }, ], release_date: "2024-06-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: brcmfmac: pcie: handle randbuf allocation failure", }, { cve: "CVE-2024-38596", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, discovery_date: "2024-06-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293371", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix data races in unix_release_sock/unix_stream_sendmsg\n\nA data-race condition has been identified in af_unix. In one data path,\nthe write function unix_release_sock() atomically writes to\nsk->sk_shutdown using WRITE_ONCE. However, on the reader side,\nunix_stream_sendmsg() does not read it atomically. Consequently, this\nissue is causing the following KCSAN splat to occur:\n\n\tBUG: KCSAN: data-race in unix_release_sock / unix_stream_sendmsg\n\n\twrite (marked) to 0xffff88867256ddbb of 1 bytes by task 7270 on cpu 28:\n\tunix_release_sock (net/unix/af_unix.c:640)\n\tunix_release (net/unix/af_unix.c:1050)\n\tsock_close (net/socket.c:659 net/socket.c:1421)\n\t__fput (fs/file_table.c:422)\n\t__fput_sync (fs/file_table.c:508)\n\t__se_sys_close (fs/open.c:1559 fs/open.c:1541)\n\t__x64_sys_close (fs/open.c:1541)\n\tx64_sys_call (arch/x86/entry/syscall_64.c:33)\n\tdo_syscall_64 (arch/x86/entry/common.c:?)\n\tentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\n\tread to 0xffff88867256ddbb of 1 bytes by task 989 on cpu 14:\n\tunix_stream_sendmsg (net/unix/af_unix.c:2273)\n\t__sock_sendmsg (net/socket.c:730 net/socket.c:745)\n\t____sys_sendmsg (net/socket.c:2584)\n\t__sys_sendmmsg (net/socket.c:2638 net/socket.c:2724)\n\t__x64_sys_sendmmsg (net/socket.c:2753 net/socket.c:2750 net/socket.c:2750)\n\tx64_sys_call (arch/x86/entry/syscall_64.c:33)\n\tdo_syscall_64 (arch/x86/entry/common.c:?)\n\tentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\n\tvalue changed: 0x01 -> 0x03\n\nThe line numbers are related to commit dd5a440a31fa (\"Linux 6.9-rc7\").\n\nCommit e1d09c2c2f57 (\"af_unix: Fix data races around sk->sk_shutdown.\")\naddressed a comparable issue in the past regarding sk->sk_shutdown.\nHowever, it overlooked resolving this particular data path.\nThis patch only offending unix_stream_sendmsg() function, since the\nother reads seem to be protected by unix_state_lock() as discussed in", title: "Vulnerability description", }, { category: "summary", text: "kernel: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38596", }, { category: "external", summary: "RHBZ#2293371", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293371", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38596", url: "https://www.cve.org/CVERecord?id=CVE-2024-38596", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38596", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38596", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024061956-CVE-2024-38596-f660@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024061956-CVE-2024-38596-f660@gregkh/T", }, ], release_date: "2024-06-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg", }, { cve: "CVE-2024-38615", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, discovery_date: "2024-06-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293348", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: exit() callback is optional\n\nThe exit() callback is optional and shouldn't be called without checking\na valid pointer first.\n\nAlso, we must clear freq_table pointer even if the exit() callback isn't\npresent.", title: "Vulnerability description", }, { category: "summary", text: "kernel: cpufreq: exit() callback is optional", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38615", }, { category: "external", summary: "RHBZ#2293348", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293348", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38615", url: "https://www.cve.org/CVERecord?id=CVE-2024-38615", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38615", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38615", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024061922-CVE-2024-38615-0d4c@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024061922-CVE-2024-38615-0d4c@gregkh/T", }, ], release_date: "2024-06-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: cpufreq: exit() callback is optional", }, { cve: "CVE-2024-38627", cwe: { id: "CWE-415", name: "Double Free", }, discovery_date: "2024-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2293700", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Linux kernel's stm class, where an improper memory management sequence in stm_register_device() could lead to a double-free error. This issue occurs when the put_device(&stm->dev) call triggers stm_device_release() to free \"stm\", making the subsequent vfree(stm) call redundant and potentially harmful.", title: "Vulnerability description", }, { category: "summary", text: "kernel: stm class: Fix a double free in stm_register_device()", title: "Vulnerability summary", }, { category: "other", text: "Red Hat assesses the impact of this vulnerability as Low because this flaw can be mitigated by blocklisting a kernel module that is not typically used in production systems, and an attacker would need elevated privileges to have complete control over the consequences of the memory corruption caused by this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-38627", }, { category: "external", summary: "RHBZ#2293700", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2293700", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-38627", url: "https://www.cve.org/CVERecord?id=CVE-2024-38627", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-38627", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-38627", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024062140-CVE-2024-38627-9b57@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024062140-CVE-2024-38627-9b57@gregkh/T", }, ], release_date: "2024-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "To mitigate this issue, prevent the `stm` kernel module from being loaded. See https://access.redhat.com/solutions/41278 for information about how to prevent kernel modules from being loaded automatically.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: stm class: Fix a double free in stm_register_device()", }, { cve: "CVE-2024-39276", cwe: { id: "CWE-402", name: "Transmission of Private Resources into a New Sphere ('Resource Leak')", }, discovery_date: "2024-06-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2294274", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find()\n\nSyzbot reports a warning as follows:\n\n============================================\nWARNING: CPU: 0 PID: 5075 at fs/mbcache.c:419 mb_cache_destroy+0x224/0x290\nModules linked in:\nCPU: 0 PID: 5075 Comm: syz-executor199 Not tainted 6.9.0-rc6-gb947cc5bf6d7\nRIP: 0010:mb_cache_destroy+0x224/0x290 fs/mbcache.c:419\nCall Trace:\n <TASK>\n ext4_put_super+0x6d4/0xcd0 fs/ext4/super.c:1375\n generic_shutdown_super+0x136/0x2d0 fs/super.c:641\n kill_block_super+0x44/0x90 fs/super.c:1675\n ext4_kill_sb+0x68/0xa0 fs/ext4/super.c:7327\n[...]\n============================================\n\nThis is because when finding an entry in ext4_xattr_block_cache_find(), if\next4_sb_bread() returns -ENOMEM, the ce's e_refcnt, which has already grown\nin the __entry_find(), won't be put away, and eventually trigger the above\nissue in mb_cache_destroy() due to reference count leakage.\n\nSo call mb_cache_entry_put() on the -ENOMEM error branch as a quick fix.", title: "Vulnerability description", }, { category: "summary", text: "kernel: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39276", }, { category: "external", summary: "RHBZ#2294274", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2294274", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39276", url: "https://www.cve.org/CVERecord?id=CVE-2024-39276", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39276", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39276", }, ], release_date: "2024-06-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find()", }, { cve: "CVE-2024-39472", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2024-07-05T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2296067", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix log recovery buffer allocation for the legacy h_size fixup\n\nCommit a70f9fe52daa (\"xfs: detect and handle invalid iclog size set by\nmkfs\") added a fixup for incorrect h_size values used for the initial\numount record in old xfsprogs versions. Later commit 0c771b99d6c9\n(\"xfs: clean up calculation of LR header blocks\") cleaned up the log\nreover buffer calculation, but stoped using the fixed up h_size value\nto size the log recovery buffer, which can lead to an out of bounds\naccess when the incorrect h_size does not come from the old mkfs\ntool, but a fuzzer.\n\nFix this by open coding xlog_logrec_hblks and taking the fixed h_size\ninto account for this calculation.", title: "Vulnerability description", }, { category: "summary", text: "kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39472", }, { category: "external", summary: "RHBZ#2296067", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2296067", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39472", url: "https://www.cve.org/CVERecord?id=CVE-2024-39472", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39472", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39472", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024070512-CVE-2024-39472-f977@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024070512-CVE-2024-39472-f977@gregkh/T", }, ], release_date: "2024-07-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup", }, { cve: "CVE-2024-39476", cwe: { id: "CWE-833", name: "Deadlock", }, discovery_date: "2024-07-05T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2295914", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Linux kernel's md/raid5 implementation within the raid5d() function. This flaw can cause a deadlock when handling I/O operations due to a conflict between the reconfig_mutex and the MD_SB_CHANGE_PENDING flag, leading to excessive CPU usage and denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39476", }, { category: "external", summary: "RHBZ#2295914", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2295914", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39476", url: "https://www.cve.org/CVERecord?id=CVE-2024-39476", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39476", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39476", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024070518-CVE-2024-39476-aa2d@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024070518-CVE-2024-39476-aa2d@gregkh/T", }, ], release_date: "2024-07-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING", }, { cve: "CVE-2024-39487", discovery_date: "2024-07-09T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2297056", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()\n\nIn function bond_option_arp_ip_targets_set(), if newval->string is an\nempty string, newval->string+1 will point to the byte after the\nstring, causing an out-of-bound read.\n\nBUG: KASAN: slab-out-of-bounds in strlen+0x7d/0xa0 lib/string.c:418\nRead of size 1 at addr ffff8881119c4781 by task syz-executor665/8107\nCPU: 1 PID: 8107 Comm: syz-executor665 Not tainted 6.7.0-rc7 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd9/0x150 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:364 [inline]\n print_report+0xc1/0x5e0 mm/kasan/report.c:475\n kasan_report+0xbe/0xf0 mm/kasan/report.c:588\n strlen+0x7d/0xa0 lib/string.c:418\n __fortify_strlen include/linux/fortify-string.h:210 [inline]\n in4_pton+0xa3/0x3f0 net/core/utils.c:130\n bond_option_arp_ip_targets_set+0xc2/0x910\ndrivers/net/bonding/bond_options.c:1201\n __bond_opt_set+0x2a4/0x1030 drivers/net/bonding/bond_options.c:767\n __bond_opt_set_notify+0x48/0x150 drivers/net/bonding/bond_options.c:792\n bond_opt_tryset_rtnl+0xda/0x160 drivers/net/bonding/bond_options.c:817\n bonding_sysfs_store_option+0xa1/0x120 drivers/net/bonding/bond_sysfs.c:156\n dev_attr_store+0x54/0x80 drivers/base/core.c:2366\n sysfs_kf_write+0x114/0x170 fs/sysfs/file.c:136\n kernfs_fop_write_iter+0x337/0x500 fs/kernfs/file.c:334\n call_write_iter include/linux/fs.h:2020 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x96a/0xd80 fs/read_write.c:584\n ksys_write+0x122/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x40/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n---[ end trace ]---\n\nFix it by adding a check of string length before using it.", title: "Vulnerability description", }, { category: "summary", text: "kernel: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39487", }, { category: "external", summary: "RHBZ#2297056", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297056", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39487", url: "https://www.cve.org/CVERecord?id=CVE-2024-39487", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39487", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39487", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024070912-CVE-2024-39487-f52c@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024070912-CVE-2024-39487-f52c@gregkh/T", }, ], release_date: "2024-07-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()", }, { cve: "CVE-2024-39502", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2297474", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nionic: fix use after netif_napi_del()\n\nWhen queues are started, netif_napi_add() and napi_enable() are called.\nIf there are 4 queues and only 3 queues are used for the current\nconfiguration, only 3 queues' napi should be registered and enabled.\nThe ionic_qcq_enable() checks whether the .poll pointer is not NULL for\nenabling only the using queue' napi. Unused queues' napi will not be\nregistered by netif_napi_add(), so the .poll pointer indicates NULL.\nBut it couldn't distinguish whether the napi was unregistered or not\nbecause netif_napi_del() doesn't reset the .poll pointer to NULL.\nSo, ionic_qcq_enable() calls napi_enable() for the queue, which was\nunregistered by netif_napi_del().\n\nReproducer:\n ethtool -L <interface name> rx 1 tx 1 combined 0\n ethtool -L <interface name> rx 0 tx 0 combined 1\n ethtool -L <interface name> rx 0 tx 0 combined 4\n\nSplat looks like:\nkernel BUG at net/core/dev.c:6666!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 3 PID: 1057 Comm: kworker/3:3 Not tainted 6.10.0-rc2+ #16\nWorkqueue: events ionic_lif_deferred_work [ionic]\nRIP: 0010:napi_enable+0x3b/0x40\nCode: 48 89 c2 48 83 e2 f6 80 b9 61 09 00 00 00 74 0d 48 83 bf 60 01 00 00 00 74 03 80 ce 01 f0 4f\nRSP: 0018:ffffb6ed83227d48 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff97560cda0828 RCX: 0000000000000029\nRDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff97560cda0a28\nRBP: ffffb6ed83227d50 R08: 0000000000000400 R09: 0000000000000001\nR10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000\nR13: ffff97560ce3c1a0 R14: 0000000000000000 R15: ffff975613ba0a20\nFS: 0000000000000000(0000) GS:ffff975d5f780000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f8f734ee200 CR3: 0000000103e50000 CR4: 00000000007506f0\nPKRU: 55555554\nCall Trace:\n <TASK>\n ? die+0x33/0x90\n ? do_trap+0xd9/0x100\n ? napi_enable+0x3b/0x40\n ? do_error_trap+0x83/0xb0\n ? napi_enable+0x3b/0x40\n ? napi_enable+0x3b/0x40\n ? exc_invalid_op+0x4e/0x70\n ? napi_enable+0x3b/0x40\n ? asm_exc_invalid_op+0x16/0x20\n ? napi_enable+0x3b/0x40\n ionic_qcq_enable+0xb7/0x180 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_start_queues+0xc4/0x290 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_link_status_check+0x11c/0x170 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_lif_deferred_work+0x129/0x280 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n process_one_work+0x145/0x360\n worker_thread+0x2bb/0x3d0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xcc/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30", title: "Vulnerability description", }, { category: "summary", text: "kernel: ionic: fix use after netif_napi_del()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-39502", }, { category: "external", summary: "RHBZ#2297474", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297474", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-39502", url: "https://www.cve.org/CVERecord?id=CVE-2024-39502", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-39502", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-39502", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024071204-CVE-2024-39502-afe9@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024071204-CVE-2024-39502-afe9@gregkh/T", }, ], release_date: "2024-07-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: ionic: fix use after netif_napi_del()", }, { cve: "CVE-2024-40927", cwe: { id: "CWE-820", name: "Missing Synchronization", }, discovery_date: "2024-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2297511", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: Handle TD clearing for multiple streams case\n\nWhen multiple streams are in use, multiple TDs might be in flight when\nan endpoint is stopped. We need to issue a Set TR Dequeue Pointer for\neach, to ensure everything is reset properly and the caches cleared.\nChange the logic so that any N>1 TDs found active for different streams\nare deferred until after the first one is processed, calling\nxhci_invalidate_cancelled_tds() again from xhci_handle_cmd_set_deq() to\nqueue another command until we are done with all of them. Also change\nthe error/\"should never happen\" paths to ensure we at least clear any\naffected TDs, even if we can't issue a command to clear the hardware\ncache, and complain loudly with an xhci_warn() if this ever happens.\n\nThis problem case dates back to commit e9df17eb1408 (\"USB: xhci: Correct\nassumptions about number of rings per endpoint.\") early on in the XHCI\ndriver's life, when stream support was first added.\nIt was then identified but not fixed nor made into a warning in commit\n674f8438c121 (\"xhci: split handling halted endpoints into two steps\"),\nwhich added a FIXME comment for the problem case (without materially\nchanging the behavior as far as I can tell, though the new logic made\nthe problem more obvious).\n\nThen later, in commit 94f339147fc3 (\"xhci: Fix failure to give back some\ncached cancelled URBs.\"), it was acknowledged again.\n\n[Mathias: commit 94f339147fc3 (\"xhci: Fix failure to give back some cached\ncancelled URBs.\") was a targeted regression fix to the previously mentioned\npatch. Users reported issues with usb stuck after unmounting/disconnecting\nUAS devices. This rolled back the TD clearing of multiple streams to its\noriginal state.]\n\nApparently the commit author was aware of the problem (yet still chose\nto submit it): It was still mentioned as a FIXME, an xhci_dbg() was\nadded to log the problem condition, and the remaining issue was mentioned\nin the commit description. The choice of making the log type xhci_dbg()\nfor what is, at this point, a completely unhandled and known broken\ncondition is puzzling and unfortunate, as it guarantees that no actual\nusers would see the log in production, thereby making it nigh\nundebuggable (indeed, even if you turn on DEBUG, the message doesn't\nreally hint at there being a problem at all).\n\nIt took me *months* of random xHC crashes to finally find a reliable\nrepro and be able to do a deep dive debug session, which could all have\nbeen avoided had this unhandled, broken condition been actually reported\nwith a warning, as it should have been as a bug intentionally left in\nunfixed (never mind that it shouldn't have been left in at all).\n\n> Another fix to solve clearing the caches of all stream rings with\n> cancelled TDs is needed, but not as urgent.\n\n3 years after that statement and 14 years after the original bug was\nintroduced, I think it's finally time to fix it. And maybe next time\nlet's not leave bugs unfixed (that are actually worse than the original\nbug), and let's actually get people to review kernel commits please.\n\nFixes xHC crashes and IOMMU faults with UAS devices when handling\nerrors/faults. Easiest repro is to use `hdparm` to mark an early sector\n(e.g. 1024) on a disk as bad, then `cat /dev/sdX > /dev/null` in a loop.\nAt least in the case of JMicron controllers, the read errors end up\nhaving to cancel two TDs (for two queued requests to different streams)\nand the one that didn't get cleared properly ends up faulting the xHC\nentirely when it tries to access DMA pages that have since been unmapped,\nreferred to by the stale TDs. This normally happens quickly (after two\nor three loops). After this fix, I left the `cat` in a loop running\novernight and experienced no xHC failures, with all read errors\nrecovered properly. Repro'd and tested on an Apple M1 Mac Mini\n(dwc3 host).\n\nOn systems without an IOMMU, this bug would instead silently corrupt\nfreed memory, making this a\n---truncated---", title: "Vulnerability description", }, { category: "summary", text: "kernel: xhci: Handle TD clearing for multiple streams case", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-40927", }, { category: "external", summary: "RHBZ#2297511", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2297511", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-40927", url: "https://www.cve.org/CVERecord?id=CVE-2024-40927", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-40927", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-40927", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024071214-CVE-2024-40927-3dcb@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024071214-CVE-2024-40927-3dcb@gregkh/T", }, ], release_date: "2024-07-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-08-08T04:44:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:5102", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: xhci: Handle TD clearing for multiple streams case", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.