Action not permitted
Modal body text goes here.
cve-2024-26671
Vulnerability from cvelistv5
Published
2024-04-02 06:49
Modified
2024-11-05 09:13
Severity ?
EPSS score ?
Summary
blk-mq: fix IO hang from sbitmap wakeup race
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:14:12.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9525b38180e2753f0daa1a522b7767a2aa969676"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ecd7744a1446eb02ccc63e493e2eb6ede4ef1e10"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7610ba1319253225a9ba8a9d28d472fc883b4e2f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/89e0e66682e1538aeeaa3109503473663cd24c8b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1d9c777d3e70bdc57dddf7a14a80059d65919e56"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6d8b01624a2540336a32be91f25187a433af53a0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f1bc0d8163f8ee84a8d5affdf624cfad657df1d2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5266caaf5660529e3da53004b8b7174cab6374ed"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26671",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:53:32.693372Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:33:37.992Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"block/blk-mq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9525b38180e2",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "ecd7744a1446",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "7610ba131925",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "89e0e66682e1",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "1d9c777d3e70",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "6d8b01624a25",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "f1bc0d8163f8",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "5266caaf5660",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"block/blk-mq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.307",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.269",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.210",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.149",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.77",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.16",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: fix IO hang from sbitmap wakeup race\n\nIn blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered\nwith the following blk_mq_get_driver_tag() in case of getting driver\ntag failure.\n\nThen in __sbitmap_queue_wake_up(), waitqueue_active() may not observe\nthe added waiter in blk_mq_mark_tag_wait() and wake up nothing, meantime\nblk_mq_mark_tag_wait() can\u0027t get driver tag successfully.\n\nThis issue can be reproduced by running the following test in loop, and\nfio hang can be observed in \u003c 30min when running it on my test VM\nin laptop.\n\n\tmodprobe -r scsi_debug\n\tmodprobe scsi_debug delay=0 dev_size_mb=4096 max_queue=1 host_max_queue=1 submit_queues=4\n\tdev=`ls -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*/block/* | head -1 | xargs basename`\n\tfio --filename=/dev/\"$dev\" --direct=1 --rw=randrw --bs=4k --iodepth=1 \\\n \t\t--runtime=100 --numjobs=40 --time_based --name=test \\\n \t--ioengine=libaio\n\nFix the issue by adding one explicit barrier in blk_mq_mark_tag_wait(), which\nis just fine in case of running out of tag."
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T09:13:36.071Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9525b38180e2753f0daa1a522b7767a2aa969676"
},
{
"url": "https://git.kernel.org/stable/c/ecd7744a1446eb02ccc63e493e2eb6ede4ef1e10"
},
{
"url": "https://git.kernel.org/stable/c/7610ba1319253225a9ba8a9d28d472fc883b4e2f"
},
{
"url": "https://git.kernel.org/stable/c/89e0e66682e1538aeeaa3109503473663cd24c8b"
},
{
"url": "https://git.kernel.org/stable/c/1d9c777d3e70bdc57dddf7a14a80059d65919e56"
},
{
"url": "https://git.kernel.org/stable/c/6d8b01624a2540336a32be91f25187a433af53a0"
},
{
"url": "https://git.kernel.org/stable/c/f1bc0d8163f8ee84a8d5affdf624cfad657df1d2"
},
{
"url": "https://git.kernel.org/stable/c/5266caaf5660529e3da53004b8b7174cab6374ed"
}
],
"title": "blk-mq: fix IO hang from sbitmap wakeup race",
"x_generator": {
"engine": "bippy-9e1c9544281a"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-26671",
"datePublished": "2024-04-02T06:49:13.834Z",
"dateReserved": "2024-02-19T14:20:24.150Z",
"dateUpdated": "2024-11-05T09:13:36.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-26671\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-04-02T07:15:43.830\",\"lastModified\":\"2024-11-05T10:15:39.883\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nblk-mq: fix IO hang from sbitmap wakeup race\\n\\nIn blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered\\nwith the following blk_mq_get_driver_tag() in case of getting driver\\ntag failure.\\n\\nThen in __sbitmap_queue_wake_up(), waitqueue_active() may not observe\\nthe added waiter in blk_mq_mark_tag_wait() and wake up nothing, meantime\\nblk_mq_mark_tag_wait() can\u0027t get driver tag successfully.\\n\\nThis issue can be reproduced by running the following test in loop, and\\nfio hang can be observed in \u003c 30min when running it on my test VM\\nin laptop.\\n\\n\\tmodprobe -r scsi_debug\\n\\tmodprobe scsi_debug delay=0 dev_size_mb=4096 max_queue=1 host_max_queue=1 submit_queues=4\\n\\tdev=`ls -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*/block/* | head -1 | xargs basename`\\n\\tfio --filename=/dev/\\\"$dev\\\" --direct=1 --rw=randrw --bs=4k --iodepth=1 \\\\\\n \\t\\t--runtime=100 --numjobs=40 --time_based --name=test \\\\\\n \\t--ioengine=libaio\\n\\nFix the issue by adding one explicit barrier in blk_mq_mark_tag_wait(), which\\nis just fine in case of running out of tag.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: blk-mq: corrige el bloqueo de IO de la carrera de activaci\u00f3n del mapa de bits En blk_mq_mark_tag_wait(), __add_wait_queue() se puede reordenar con el siguiente blk_mq_get_driver_tag() en caso de que se produzca un error en la etiqueta del controlador. Luego, en __sbitmap_queue_wake_up(), waitqueue_active() puede no observar al camarero agregado en blk_mq_mark_tag_wait() y no despertar nada, mientras tanto, blk_mq_mark_tag_wait() no puede obtener la etiqueta del controlador correctamente. Este problema se puede reproducir ejecutando la siguiente prueba en bucle, y se puede observar un bloqueo de fio en \u0026lt; 30 minutos cuando lo ejecuto en mi m\u00e1quina virtual de prueba en una computadora port\u00e1til. modprobe -r scsi_debug modprobe scsi_debug delay=0 dev_size_mb=4096 max_queue=1 host_max_queue=1 submit_queues=4 dev=`ls -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*/block /* | cabeza -1 | xargs basename` fio --filename=/dev/\\\"$dev\\\" --direct=1 --rw=randrw --bs=4k --io Depth=1 \\\\ --runtime=100 --numjobs=40 --time_based - -name=test \\\\ --ioengine=libaio Solucione el problema agregando una barrera expl\u00edcita en blk_mq_mark_tag_wait(), lo cual est\u00e1 bien en caso de quedarse sin etiqueta.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1d9c777d3e70bdc57dddf7a14a80059d65919e56\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/5266caaf5660529e3da53004b8b7174cab6374ed\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6d8b01624a2540336a32be91f25187a433af53a0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7610ba1319253225a9ba8a9d28d472fc883b4e2f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/89e0e66682e1538aeeaa3109503473663cd24c8b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/9525b38180e2753f0daa1a522b7767a2aa969676\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/ecd7744a1446eb02ccc63e493e2eb6ede4ef1e10\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f1bc0d8163f8ee84a8d5affdf624cfad657df1d2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
rhsa-2024_2950
Vulnerability from csaf_redhat
Published
2024-05-22 10:16
Modified
2024-11-06 05:52
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.10 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.10 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2950",
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.10_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.10_release_notes/index"
},
{
"category": "external",
"summary": "1731000",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731000"
},
{
"category": "external",
"summary": "1746732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746732"
},
{
"category": "external",
"summary": "1888726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1888726"
},
{
"category": "external",
"summary": "1999589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999589"
},
{
"category": "external",
"summary": "2039178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039178"
},
{
"category": "external",
"summary": "2043520",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043520"
},
{
"category": "external",
"summary": "2044578",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044578"
},
{
"category": "external",
"summary": "2150953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150953"
},
{
"category": "external",
"summary": "2151959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151959"
},
{
"category": "external",
"summary": "2177759",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177759"
},
{
"category": "external",
"summary": "2179892",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179892"
},
{
"category": "external",
"summary": "2213132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213132"
},
{
"category": "external",
"summary": "2218332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218332"
},
{
"category": "external",
"summary": "2219359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219359"
},
{
"category": "external",
"summary": "2221039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221039"
},
{
"category": "external",
"summary": "2221463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221463"
},
{
"category": "external",
"summary": "2221702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221702"
},
{
"category": "external",
"summary": "2226777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226777"
},
{
"category": "external",
"summary": "2226784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226784"
},
{
"category": "external",
"summary": "2226787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226787"
},
{
"category": "external",
"summary": "2226788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226788"
},
{
"category": "external",
"summary": "2230042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230042"
},
{
"category": "external",
"summary": "2231410",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231410"
},
{
"category": "external",
"summary": "2235306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235306"
},
{
"category": "external",
"summary": "2239845",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239845"
},
{
"category": "external",
"summary": "2239847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239847"
},
{
"category": "external",
"summary": "2244720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244720"
},
{
"category": "external",
"summary": "2250043",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250043"
},
{
"category": "external",
"summary": "2253632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253632"
},
{
"category": "external",
"summary": "2254961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254961"
},
{
"category": "external",
"summary": "2254982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254982"
},
{
"category": "external",
"summary": "2255283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255283"
},
{
"category": "external",
"summary": "2256490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256490"
},
{
"category": "external",
"summary": "2256822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256822"
},
{
"category": "external",
"summary": "2257682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257682"
},
{
"category": "external",
"summary": "2257979",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257979"
},
{
"category": "external",
"summary": "2265285",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265285"
},
{
"category": "external",
"summary": "2265653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265653"
},
{
"category": "external",
"summary": "2267695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267695"
},
{
"category": "external",
"summary": "2267750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267750"
},
{
"category": "external",
"summary": "2267760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267760"
},
{
"category": "external",
"summary": "2267761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267761"
},
{
"category": "external",
"summary": "2269189",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269189"
},
{
"category": "external",
"summary": "2269217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269217"
},
{
"category": "external",
"summary": "2270836",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270836"
},
{
"category": "external",
"summary": "2270883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270883"
},
{
"category": "external",
"summary": "2272811",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272811"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2950.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
"tracking": {
"current_release_date": "2024-11-06T05:52:50+00:00",
"generator": {
"date": "2024-11-06T05:52:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:2950",
"initial_release_date": "2024-05-22T10:16:27+00:00",
"revision_history": [
{
"date": "2024-05-22T10:16:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-22T10:16:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T05:52:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux NFV (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux RT (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"product": {
"name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"product_id": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.rt7.342.el8_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_id": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.rt7.342.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-553.rt7.342.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-553.rt7.342.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-553.rt7.342.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-553.rt7.342.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-553.rt7.342.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-553.rt7.342.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-553.rt7.342.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-553.rt7.342.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-553.rt7.342.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-553.rt7.342.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-553.rt7.342.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-553.rt7.342.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-553.rt7.342.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-553.rt7.342.el8_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.src as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src"
},
"product_reference": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.src as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src"
},
"product_reference": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"relates_to_product_reference": "RT-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-13631",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2019-07-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1731000"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s implementation of GTCO tablet/digitizer\u0027s version of the parse_hid_report_descriptor in drivers. An attacker with local access could use this flaw to create a specially crafted USB device inserted into the host to corrupt memory, trigger an out-of-bounds write during the generation of debugging messages, or possibly escalate the privileges of a process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: OOB writes in parse_hid_report_descriptor in drivers/input/tablet/gtco.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-13631"
},
{
"category": "external",
"summary": "RHBZ#1731000",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731000"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13631"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13631",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13631"
}
],
"release_date": "2019-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "It is possible to prevent the kernel from loading the affected code by blacklisting the gtco kernel module. Visit https://access.redhat.com/solutions/41278 for specifics.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: OOB writes in parse_hid_report_descriptor in drivers/input/tablet/gtco.c"
},
{
"cve": "CVE-2019-15505",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2019-08-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1746732"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read flaw was found in the DVB USB subsystem of the Linux kernel. There was no boundary check applied to the array in struct technisat_usb2_state state-\u003ebuf until the 0xff byte is encountered. If the byte is not encountered within the limit, an exposure of kernel data structure occurs. Data confidentiality and system availability are the highest threats with this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out of bounds read in drivers/media/usb/dvb-usb/technisat-usb2.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-15505"
},
{
"category": "external",
"summary": "RHBZ#1746732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-15505",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15505"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15505",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15505"
}
],
"release_date": "2019-08-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is to skip loading the affected module technisat_usb2 onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out of bounds read in drivers/media/usb/dvb-usb/technisat-usb2.c"
},
{
"cve": "CVE-2020-25656",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1888726"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in read in vt_do_kdgkb_ioctl",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Moderate impact because of the attack scenario limitation where only local user with access to VT console if at least CAP_SYS_TTY_CONFIG enabled can trigger this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25656"
},
{
"category": "external",
"summary": "RHBZ#1888726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1888726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25656"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25656",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25656"
},
{
"category": "external",
"summary": "https://lkml.org/lkml/2020/10/16/84",
"url": "https://lkml.org/lkml/2020/10/16/84"
},
{
"category": "external",
"summary": "https://lkml.org/lkml/2020/10/29/528",
"url": "https://lkml.org/lkml/2020/10/29/528"
}
],
"release_date": "2020-10-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in read in vt_do_kdgkb_ioctl"
},
{
"cve": "CVE-2021-3753",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999589"
}
],
"notes": [
{
"category": "description",
"text": "A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: a race out-of-bound read in vt",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3753"
},
{
"category": "external",
"summary": "RHBZ#1999589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999589"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3753",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3753"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3753",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3753"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/2287a51ba822384834dafc1c798453375d1107c7",
"url": "https://github.com/torvalds/linux/commit/2287a51ba822384834dafc1c798453375d1107c7"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/09/01/4",
"url": "https://www.openwall.com/lists/oss-security/2021/09/01/4"
}
],
"release_date": "2021-09-01T11:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: a race out-of-bound read in vt"
},
{
"cve": "CVE-2021-4204",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-12-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2039178"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) memory access flaw was found in the Linux kernel\u0027s eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: improper input validation may lead to privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4204"
},
{
"category": "external",
"summary": "RHBZ#2039178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039178"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4204",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4204"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4204",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4204"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/11/4",
"url": "https://www.openwall.com/lists/oss-security/2022/01/11/4"
}
],
"release_date": "2022-01-11T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: improper input validation may lead to privilege escalation"
},
{
"cve": "CVE-2022-0500",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044578"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel\u2019s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0500"
},
{
"category": "external",
"summary": "RHBZ#2044578",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044578"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0500",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0500"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0500",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0500"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=20b2aff4bc15bda809f994761d5719827d66c0b4",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=20b2aff4bc15bda809f994761d5719827d66c0b4"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=216e3cd2f28dbbf1fe86848e0e29e6693b9f0a20",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=216e3cd2f28dbbf1fe86848e0e29e6693b9f0a20"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34d3a78c681e8e7844b43d1a2f4671a04249c821",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34d3a78c681e8e7844b43d1a2f4671a04249c821"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c4807322660d4290ac9062c034aed6b87243861",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c4807322660d4290ac9062c034aed6b87243861"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=48946bd6a5d695c50b34546864b79c1f910a33c1",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=48946bd6a5d695c50b34546864b79c1f910a33c1"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c25b2ae136039ffa820c26138ed4a5e5f3ab3841",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c25b2ae136039ffa820c26138ed4a5e5f3ab3841"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cf9f2f8d62eca810afbd1ee6cc0800202b000e57",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cf9f2f8d62eca810afbd1ee6cc0800202b000e57"
}
],
"release_date": "2022-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n```\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n```\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN (or CAP_BPF) capabilities.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges"
},
{
"cve": "CVE-2022-3565",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150953"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s ISDN over IP tunnel functionality in how a local user triggers the release_card() function called from l1oip_cleanup(). This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in l1oip timer handlers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3565"
},
{
"category": "external",
"summary": "RHBZ#2150953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3565"
}
],
"release_date": "2022-09-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the l1oip module from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in l1oip timer handlers"
},
{
"acknowledgments": [
{
"names": [
"tr3e"
],
"organization": "SecCoder Security Lab"
}
],
"cve": "CVE-2022-23222",
"cwe": {
"id": "CWE-763",
"name": "Release of Invalid Pointer or Reference"
},
"discovery_date": "2022-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2043520"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s adjust_ptr_min_max_vals in the kernel/bpf/verifier.c function. In this flaw, a missing sanity check for *_OR_NULL pointer types that perform pointer arithmetic may cause a kernel information leak issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: local privileges escalation in kernel/bpf/verifier.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. \n\nThis would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23222"
},
{
"category": "external",
"summary": "RHBZ#2043520",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043520"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23222"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23222",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23222"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/13/1",
"url": "https://www.openwall.com/lists/oss-security/2022/01/13/1"
}
],
"release_date": "2022-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: local privileges escalation in kernel/bpf/verifier.c"
},
{
"cve": "CVE-2022-45934",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151959"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow flaw was found in the Linux kernel\u2019s L2CAP bluetooth functionality in how a user generates malicious L2CAP_CONF_REQ packets. This flaw allows a local or bluetooth connection user to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated Moderate based on the known scenarios of attack that cause a denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45934"
},
{
"category": "external",
"summary": "RHBZ#2151959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45934"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45934",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45934"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=ae4569813a6e931258db627cdfe50dfb4f917d5d",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=ae4569813a6e931258db627cdfe50dfb4f917d5d"
}
],
"release_date": "2022-11-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the customer portal at https://access.redhat.com/solutions/2682931.\n\nAlternatively, bluetooth can be disabled within the hardware or at the BIOS level, which will also provide effective mitigation as the kernel will not detect Bluetooth hardware on the system.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c"
},
{
"acknowledgments": [
{
"names": [
"Xingyuan Mo"
],
"organization": "IceSword Lab"
}
],
"cve": "CVE-2023-1513",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"discovery_date": "2023-02-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2179892"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: information leak in KVM_GET_DEBUGREGS ioctl on 32-bit systems",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 is not affected by this issue as KVM did not include the `KVM_GET_DEBUGREGS` ioctl.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1513"
},
{
"category": "external",
"summary": "RHBZ#2179892",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179892"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1513"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1513",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1513"
}
],
"release_date": "2023-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: KVM: information leak in KVM_GET_DEBUGREGS ioctl on 32-bit systems"
},
{
"cve": "CVE-2023-3567",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-04-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2221463"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3567"
},
{
"category": "external",
"summary": "RHBZ#2221463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221463"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3567"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3567",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3567"
},
{
"category": "external",
"summary": "https://www.spinics.net/lists/stable-commits/msg285184.html",
"url": "https://www.spinics.net/lists/stable-commits/msg285184.html"
}
],
"release_date": "2023-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race"
},
{
"acknowledgments": [
{
"names": [
"Duoming Zhou"
]
}
],
"cve": "CVE-2023-4133",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-07-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2221702"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: cxgb4: use-after-free in ch_flower_stats_cb()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4133"
},
{
"category": "external",
"summary": "RHBZ#2221702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4133"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4133",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4133"
}
],
"release_date": "2023-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: cxgb4: use-after-free in ch_flower_stats_cb()"
},
{
"acknowledgments": [
{
"names": [
"Bien Pham (https://sea.com)"
],
"organization": "Team Orca of Sea Security Team"
}
],
"cve": "CVE-2023-4244",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-08-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2235306"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s nftables sub-component due to a race problem between the set GC and transaction in the Linux Kernel. This flaw allows a local attacker to crash the system due to a missing call to `nft_set_elem_mark_busy`, causing double deactivation of the element and possibly leading to a kernel information leak problem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Use-after-free in nft_verdict_dump due to a race between set GC and transaction",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploiting this flaw will require CAP_NET_ADMIN access privilege in any user or network namespace.\n\nAnd,\n\nOn non-containerized deployments of Red Hat Enterprise Linux, you can disable user namespaces by setting user.max_user_namespaces to 0:\n\n$ echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n$ sysctl -p /etc/sysctl.d/userns.conf\n\nOn containerized deployments, such as Red Hat OpenShift Container Platform, do not use this mitigation as the functionality is needed to be enabled.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4244"
},
{
"category": "external",
"summary": "RHBZ#2235306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235306"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4244",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4244"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4244",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4244"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/20230810070830.24064-1-pablo@netfilter.org/",
"url": "https://lore.kernel.org/netdev/20230810070830.24064-1-pablo@netfilter.org/"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/20230815223011.7019-1-fw@strlen.de/",
"url": "https://lore.kernel.org/netdev/20230815223011.7019-1-fw@strlen.de/"
}
],
"release_date": "2023-08-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is to skip loading the affected module \"nftables\" onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Use-after-free in nft_verdict_dump due to a race between set GC and transaction"
},
{
"acknowledgments": [
{
"names": [
"Alon Zahavi"
]
}
],
"cve": "CVE-2023-6121",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-11-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2250043"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NVMe: info leak due to out-of-bounds read in nvmet_ctrl_find_get",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-6121"
},
{
"category": "external",
"summary": "RHBZ#2250043",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250043"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-6121",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6121"
}
],
"release_date": "2023-11-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by explicitly setting the kernel parameter to restrict unprivileged users from using dmesg:\n```\nsudo sysctl -w kernel.dmesg_restrict=1\n```\nTo make it persistent between system reboots:\n```\necho \u0027kernel.dmesg_restrict=1\u0027 | sudo tee -a /etc/sysctl.conf\n```",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: NVMe: info leak due to out-of-bounds read in nvmet_ctrl_find_get"
},
{
"cve": "CVE-2023-6176",
"discovery_date": "2023-07-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2219359"
}
],
"notes": [
{
"category": "description",
"text": "A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: local dos vulnerability in scatterwalk_copychunks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-6176"
},
{
"category": "external",
"summary": "RHBZ#2219359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219359"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-6176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6176"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cfaa80c91f6f99b9342b6557f0f0e1143e434066",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cfaa80c91f6f99b9342b6557f0f0e1143e434066"
}
],
"release_date": "2023-09-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: local dos vulnerability in scatterwalk_copychunks"
},
{
"acknowledgments": [
{
"names": [
"Xingyuan Mo"
],
"organization": "(IceSword Lab)"
}
],
"cve": "CVE-2023-6622",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2253632"
}
],
"notes": [
{
"category": "description",
"text": "A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: null pointer dereference vulnerability in nft_dynset_init()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To trigger the issue, it requires the ability to create user/net namespaces.\n\nOn non-containerized deployments of Red Hat Enterprise Linux 8, you can disable user namespaces by setting user.max_user_namespaces to 0:\n\n# echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf\n\nOn containerized deployments, such as Red Hat OpenShift Container Platform, do not use this mitigation, as the functionality is needed to be enabled.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-6622"
},
{
"category": "external",
"summary": "RHBZ#2253632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-6622",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6622"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6622",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6622"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/3701cd390fd731ee7ae8b8006246c8db82c72bea",
"url": "https://github.com/torvalds/linux/commit/3701cd390fd731ee7ae8b8006246c8db82c72bea"
}
],
"release_date": "2023-12-08T11:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is to skip loading the affected module \"netfilter\" onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: null pointer dereference vulnerability in nft_dynset_init()"
},
{
"acknowledgments": [
{
"names": [
"ZhengHan Wang"
],
"organization": "Hillstone Network"
}
],
"cve": "CVE-2023-6915",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-12-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254982"
}
],
"notes": [
{
"category": "description",
"text": "A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Null Pointer Dereference vulnerability in ida_free in lib/idr.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-6915"
},
{
"category": "external",
"summary": "RHBZ#2254982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254982"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-6915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6915"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6915",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6915"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/af73483f4e8b6f5c68c9aa63257bdd929a9c194a",
"url": "https://github.com/torvalds/linux/commit/af73483f4e8b6f5c68c9aa63257bdd929a9c194a"
}
],
"release_date": "2024-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Null Pointer Dereference vulnerability in ida_free in lib/idr.c"
},
{
"cve": "CVE-2023-6932",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2255283"
}
],
"notes": [
{
"category": "description",
"text": "A race condition has been discovered in the Linux kernel\u0027s Internet Group Management Protocol (IGMP) implementation. This vulnerability may enable an attacker to provoke an application crash or potentially escalate privileges locally. By exploiting the race condition, an adversary could disrupt the normal operation of affected systems, leading to service disruption or, in the worst case, unauthorized access to sensitive resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in IPv4 IGMP",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability poses a moderate severity risk due to its potential to trigger a use-after-free issue when processing IGMPv2 query packets under specific conditions. An attacker could exploit this flaw by continuously sending crafted IGMPv2 query packets to a vulnerable system, causing a reference count underflow in the multicast group list management. Subsequently, this could lead to a use-after-free scenario, potentially resulting in a denial-of-service condition or other adverse effects. While exploitation requires specific configurations and continuous packet transmission, the impact could be significant, warranting attention and remediation to prevent potential exploitation and system instability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-6932"
},
{
"category": "external",
"summary": "RHBZ#2255283",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255283"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-6932",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6932"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6932",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6932"
}
],
"release_date": "2023-12-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in IPv4 IGMP"
},
{
"cve": "CVE-2023-24023",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2023-12-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254961"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4. This issue may allow certain man-in-the-middle attacks that force a short key length and might lead to discovery of the encryption key and live injection, aka BLUFFS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Bluetooth Forward and Future Secrecy Attacks and Defenses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability identified as CVE-2023-24023, dubbed \"Bluetooth Forward and Future Secrecy Attacks and Defenses (BLUFFS),\" is categorized as having moderate severity due to several factors. While it does allow for potential Man-in-The-Middle (MITM) attacks between paired Bluetooth BR/EDR devices, its impact is somewhat limited by certain conditions. Firstly, successful exploitation requires the attacker to be within wireless range of the vulnerable devices during the encryption procedure initiation. Additionally, the attacker\u0027s ability to force a reduction in encryption key length may not guarantee real-time brute-forcing of the key, particularly if it exceeds 7 octets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24023"
},
{
"category": "external",
"summary": "RHBZ#2254961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254961"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24023",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24023"
},
{
"category": "external",
"summary": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/bluffs-vulnerability/",
"url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/bluffs-vulnerability/"
}
],
"release_date": "2023-12-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Bluetooth Forward and Future Secrecy Attacks and Defenses"
},
{
"cve": "CVE-2023-25775",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2023-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2231410"
}
],
"notes": [
{
"category": "description",
"text": "An improper access control flaw was found in the Intel(R) Ethernet Controller RDMA driver in the Linux Kernel. This flaw allows an unauthenticated user to enable privilege escalation via network access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: irdma: Improper access control",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25775"
},
{
"category": "external",
"summary": "RHBZ#2231410",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231410"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25775"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00794.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00794.html"
}
],
"release_date": "2023-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: irdma: Improper access control"
},
{
"cve": "CVE-2023-28464",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177759"
}
],
"notes": [
{
"category": "description",
"text": "A double-free vulnerability was found in the hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux Kernel. This issue may cause a denial of service or privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: double free in hci_conn_cleanup of the bluetooth subsystem",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28464"
},
{
"category": "external",
"summary": "RHBZ#2177759",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177759"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28464"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28464",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28464"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2023/03/28/2",
"url": "https://www.openwall.com/lists/oss-security/2023/03/28/2"
}
],
"release_date": "2023-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Kernel: double free in hci_conn_cleanup of the bluetooth subsystem"
},
{
"cve": "CVE-2023-31083",
"discovery_date": "2023-06-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2213132"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the Linux kernel\u2019s Bluetooth HCI UART driver. This flaw allows a local user to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: race condition between HCIUARTSETPROTO and HCIUARTGETPROTO in hci_uart_tty_ioctl",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-31083"
},
{
"category": "external",
"summary": "RHBZ#2213132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-31083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31083"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-31083",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31083"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/bluetooth/hci_ldisc.c?h=v6.6-rc7\u0026id=9c33663af9ad115f90c076a1828129a3fbadea98",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/bluetooth/hci_ldisc.c?h=v6.6-rc7\u0026id=9c33663af9ad115f90c076a1828129a3fbadea98"
}
],
"release_date": "2023-04-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module hci_uart from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: race condition between HCIUARTSETPROTO and HCIUARTGETPROTO in hci_uart_tty_ioctl"
},
{
"cve": "CVE-2023-37453",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2221039"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read issue was found in the USB subsystem in the Linux kernel. This flaw allows a malicious user to crash the system, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: usb: out-of-bounds read in read_descriptors",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux minor releases prior to 8.9.0 and 9.3.0 are not affected by this CVE as they did not include the upstream commit that introduced this flaw: https://github.com/torvalds/linux/commit/45bf39f8df7f.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-37453"
},
{
"category": "external",
"summary": "RHBZ#2221039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221039"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-37453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37453"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-37453",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37453"
}
],
"release_date": "2023-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: usb: out-of-bounds read in read_descriptors"
},
{
"cve": "CVE-2023-38409",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2023-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2230042"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Framebuffer Console in the Linux kernel. This flaw allows a local attacker to crash the system, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38409"
},
{
"category": "external",
"summary": "RHBZ#2230042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230042"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38409"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fffb0b52d5258554c645c966c6cbef7de50b851d",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fffb0b52d5258554c645c966c6cbef7de50b851d"
}
],
"release_date": "2023-04-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is to skip loading the affected module \"fbcon\" onto the system until we have a fix available. This can be done by a blacklist mechanism and will ensure the driver is not loaded at boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment"
},
{
"cve": "CVE-2023-39189",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-07-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2226777"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: nftables out-of-bounds read in nf_osf_match_one()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39189"
},
{
"category": "external",
"summary": "RHBZ#2226777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39189"
}
],
"release_date": "2023-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected Passive OS Fingerprinting match module (`xt_osf`) from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: nftables out-of-bounds read in nf_osf_match_one()"
},
{
"cve": "CVE-2023-39192",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-07-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2226784"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: xtables out-of-bounds read in u32_match_it()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 9 is not affected by this flaw as the `xt_u32` driver is not built.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39192"
},
{
"category": "external",
"summary": "RHBZ#2226784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39192"
},
{
"category": "external",
"summary": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-18408/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-18408/"
}
],
"release_date": "2023-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected `xt_u32` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: xtables out-of-bounds read in u32_match_it()"
},
{
"cve": "CVE-2023-39193",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-07-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2226787"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: xtables sctp out-of-bounds read in match_flags()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39193"
},
{
"category": "external",
"summary": "RHBZ#2226787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39193"
},
{
"category": "external",
"summary": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-18866/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-18866/"
}
],
"release_date": "2023-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected `xt_sctp` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: xtables sctp out-of-bounds read in match_flags()"
},
{
"cve": "CVE-2023-39194",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-07-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2226788"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: xfrm: out-of-bounds read in __xfrm_state_filter_match()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39194"
},
{
"category": "external",
"summary": "RHBZ#2226788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39194"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39194",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39194"
},
{
"category": "external",
"summary": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-18111/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-18111/"
}
],
"release_date": "2023-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: xfrm: out-of-bounds read in __xfrm_state_filter_match()"
},
{
"cve": "CVE-2023-39198",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2218332"
}
],
"notes": [
{
"category": "description",
"text": "A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: QXL: race condition leading to use-after-free in qxl_mode_dumb_create()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having a Moderate impact due to the restricted privileges (access to /dev/dri/card0) needed for the bug to be exploited.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39198"
},
{
"category": "external",
"summary": "RHBZ#2218332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218332"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39198",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39198"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39198",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39198"
}
],
"release_date": "2023-08-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: QXL: race condition leading to use-after-free in qxl_mode_dumb_create()"
},
{
"cve": "CVE-2023-42754",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239845"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ipv4: NULL pointer dereference in ipv4_send_dest_unreach()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 and 7 are not affected by this CVE, as they did not include the upstream commit that introduced this flaw: https://github.com/torvalds/linux/commit/ed0de45.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-42754"
},
{
"category": "external",
"summary": "RHBZ#2239845",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239845"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-42754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42754"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-42754",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42754"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2023/q4/14",
"url": "https://seclists.org/oss-sec/2023/q4/14"
}
],
"release_date": "2023-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ipv4: NULL pointer dereference in ipv4_send_dest_unreach()"
},
{
"cve": "CVE-2023-42755",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-09-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239847"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: rsvp: out-of-bounds read in rsvp_classify()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The rsvp classifier has been retired upstream (commit 265b4da \"net/sched: Retire rsvp classifier\"). Red Hat Enterprise Linux 9 is not affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-42755"
},
{
"category": "external",
"summary": "RHBZ#2239847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239847"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-42755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42755"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-42755",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42755"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2023/q3/229",
"url": "https://seclists.org/oss-sec/2023/q3/229"
}
],
"release_date": "2023-09-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected `cls_rsvp` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: rsvp: out-of-bounds read in rsvp_classify()"
},
{
"cve": "CVE-2023-45863",
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2244720"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds memory write flaw was found in the load/unload module in the Linux kernel\u0027s kobject functionality, potentially triggering a race condition in the kobject_get_path function. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: lib/kobject.c vulnerable to fill_kobj_path out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45863"
},
{
"category": "external",
"summary": "RHBZ#2244720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45863"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45863",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45863"
}
],
"release_date": "2023-01-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: lib/kobject.c vulnerable to fill_kobj_path out-of-bounds write"
},
{
"cve": "CVE-2023-51779",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2024-01-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2256822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the bt_sock_recvmsg() and bt_sock_ioctl() functions could lead to a use-after-free on a socket buffer (\"skb\"). This flaw allows a local user to cause a denial of service condition or potential code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having a Moderate impact because it is believed to be difficult to exploit and it is not clear whether or not it could be used to achieve local privilege escalation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-51779"
},
{
"category": "external",
"summary": "RHBZ#2256822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-51779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51779"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51779",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51779"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/2e07e8348ea454615e268222ae3fc240421be768",
"url": "https://github.com/torvalds/linux/commit/2e07e8348ea454615e268222ae3fc240421be768"
}
],
"release_date": "2023-12-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg"
},
{
"cve": "CVE-2023-51780",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2024-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2257682"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u0027s net/atm/ioctl.c (ATM networking technology driver): do_vcc_ioctl in net/atm/ioctl.c is vulnerable to use-after-free due to a race condition in vcc_recvmsg. This issue can allow an attacker to possibly gain unauthorized access, escalate privileges, or cause the system to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in net/atm/ioctl.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is considered to be Moderate because there is no known way to trigger kernel panic, only read incorrect buffer size because it occurs in the SIOCINQ call that returns the number of unread bytes in the receive buffer.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-51780"
},
{
"category": "external",
"summary": "RHBZ#2257682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-51780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51780"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51780",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51780"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/24e90b9e34f9e039f56b5f25f6e6eb92cdd8f4b3",
"url": "https://github.com/torvalds/linux/commit/24e90b9e34f9e039f56b5f25f6e6eb92cdd8f4b3"
}
],
"release_date": "2024-01-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module atm from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in net/atm/ioctl.c"
},
{
"cve": "CVE-2023-52340",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-01-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2257979"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in the routing table size was found in the ICMPv6 handling of \"Packet Too Big\". The size of the routing table is regulated by periodic garbage collection. However, with \"Packet Too Big Messages\" it is possible to exceed the routing table size and garbage collector threshold. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ICMPv6 \u201cPacket Too Big\u201d packets force a DoS of the Linux kernel by forcing 100% CPU",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52340"
},
{
"category": "external",
"summary": "RHBZ#2257979",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257979"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52340",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52340"
},
{
"category": "external",
"summary": "https://alas.aws.amazon.com/cve/html/CVE-2023-52340.html",
"url": "https://alas.aws.amazon.com/cve/html/CVE-2023-52340.html"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=af6d10345ca76670c1b7c37799f0d5576ccef277",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=af6d10345ca76670c1b7c37799f0d5576ccef277"
}
],
"release_date": "2024-01-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ICMPv6 \u201cPacket Too Big\u201d packets force a DoS of the Linux kernel by forcing 100% CPU"
},
{
"cve": "CVE-2023-52434",
"discovery_date": "2024-02-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2265285"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2_parse_contexts() function. Validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: smb: client: fix potential OOBs in smb2_parse_contexts()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52434"
},
{
"category": "external",
"summary": "RHBZ#2265285",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265285"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52434"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52434",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52434"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=17a0f64cc02d4972e21c733d9f21d1c512963afa",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=17a0f64cc02d4972e21c733d9f21d1c512963afa"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=af1689a9b7701d9907dfc84d2a4b57c4bc907144",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=af1689a9b7701d9907dfc84d2a4b57c4bc907144"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024022033-makeshift-flammable-cb72@gregkh/T/#u",
"url": "https://lore.kernel.org/linux-cve-announce/2024022033-makeshift-flammable-cb72@gregkh/T/#u"
}
],
"release_date": "2024-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module cifs from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: smb: client: fix potential OOBs in smb2_parse_contexts()"
},
{
"cve": "CVE-2023-52448",
"discovery_date": "2024-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2265653"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the Linux kernel when accessing the rgd-\u003erd_rgl in the gfs2_rgrp_dump() function. This issue may lead to a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52448"
},
{
"category": "external",
"summary": "RHBZ#2265653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265653"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52448",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52448"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024022255-CVE-2023-52448-7bf2@gregkh/T/#u",
"url": "https://lore.kernel.org/linux-cve-announce/2024022255-CVE-2023-52448-7bf2@gregkh/T/#u"
}
],
"release_date": "2024-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "No mitigation is currently available for this vulnerability. Make sure to perform the updates as they become available.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump"
},
{
"cve": "CVE-2023-52489",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2024-02-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2269189"
}
],
"notes": [
{
"category": "description",
"text": "A race condition was found on a PFN in the Linux Kernel, which can fall into the device memory region with the system memory configuration. Normal zone start and end PFNs contain the device memory PFNs as well, and the compaction triggered will try on the device memory PFNs and end up in NOP. This may lead to compromised Availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mm/sparsemem: fix race in accessing memory_section-\u003eusage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52489"
},
{
"category": "external",
"summary": "RHBZ#2269189",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269189"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52489",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52489"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-30-lee@kernel.org/T",
"url": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-30-lee@kernel.org/T"
}
],
"release_date": "2024-02-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mm/sparsemem: fix race in accessing memory_section-\u003eusage"
},
{
"cve": "CVE-2023-52574",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2267750"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in drivers/net/team/team.c in the Linux kernel.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: team: NULL pointer dereference when team device type is changed",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52574"
},
{
"category": "external",
"summary": "RHBZ#2267750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267750"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52574",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52574"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52574",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52574"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024030256-CVE-2023-52574-a423@gregkh/T/#u",
"url": "https://lore.kernel.org/linux-cve-announce/2024030256-CVE-2023-52574-a423@gregkh/T/#u"
}
],
"release_date": "2024-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: team: NULL pointer dereference when team device type is changed"
},
{
"cve": "CVE-2023-52580",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2024-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2267760"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the ETH_P_1588 flow dissector in the Linux Kernel, which can lead to a kernel crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/core: kernel crash in ETH_P_1588 flow dissector",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52580"
},
{
"category": "external",
"summary": "RHBZ#2267760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267760"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52580",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52580"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52580",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52580"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024030258-CVE-2023-52580-c37e@gregkh/T/#u",
"url": "https://lore.kernel.org/linux-cve-announce/2024030258-CVE-2023-52580-c37e@gregkh/T/#u"
}
],
"release_date": "2024-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net/core: kernel crash in ETH_P_1588 flow dissector"
},
{
"cve": "CVE-2023-52581",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2267761"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s nftables sub-component due to a race problem between the set GC and transaction in the Linux Kernel. This flaw allows a local attacker to crash the system. This flaw is similar to the previous CVE-2023-4244 but for a different part of the source code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: nf_tables: memory leak when more than 255 elements expired",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploiting this flaw will require CAP_NET_ADMIN access privilege in any user or network namespace.\n\nAlso, on non-containerized deployments of Red Hat Enterprise Linux, you can disable user namespaces by setting user.max_user_namespaces to 0:\n\n$ echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n$ sysctl -p /etc/sysctl.d/userns.conf\n\nOn containerized deployments, such as Red Hat OpenShift Container Platform, do not use this mitigation as the functionality is needed to be enabled.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52581"
},
{
"category": "external",
"summary": "RHBZ#2267761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52581",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52581"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024030258-CVE-2023-52581-2165@gregkh/T/#u",
"url": "https://lore.kernel.org/linux-cve-announce/2024030258-CVE-2023-52581-2165@gregkh/T/#u"
}
],
"release_date": "2024-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is to skip loading the affected module \"nftables\" onto the system until we have an available fix. This can be done by a blacklist mechanism and will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: nf_tables: memory leak when more than 255 elements expired"
},
{
"cve": "CVE-2023-52597",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268311"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: s390: fix setting of fpc register\n\nkvm_arch_vcpu_ioctl_set_fpu() allows to set the floating point control\n(fpc) register of a guest cpu. The new value is tested for validity by\ntemporarily loading it into the fpc register.\n\nThis may lead to corruption of the fpc register of the host process:\nif an interrupt happens while the value is temporarily loaded into the fpc\nregister, and within interrupt context floating point or vector registers\nare used, the current fp/vx registers are saved with save_fpu_regs()\nassuming they belong to user space and will be loaded into fp/vx registers\nwhen returning to user space.\n\ntest_fp_ctl() restores the original user space / host process fpc register\nvalue, however it will be discarded, when returning to user space.\n\nIn result the host process will incorrectly continue to run with the value\nthat was supposed to be used for a guest cpu.\n\nFix this by simply removing the test. There is another test right before\nthe SIE context is entered which will handles invalid values.\n\nThis results in a change of behaviour: invalid values will now be accepted\ninstead of that the ioctl fails with -EINVAL. This seems to be acceptable,\ngiven that this interface is most likely not used anymore, and this is in\naddition the same behaviour implemented with the memory mapped interface\n(replace invalid values with zero) - see sync_regs() in kvm-s390.c.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: s390: fix setting of fpc register",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52597"
},
{
"category": "external",
"summary": "RHBZ#2268311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268311"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52597"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52597",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52597"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024030646-CVE-2023-52597-2ed6@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024030646-CVE-2023-52597-2ed6@gregkh/T"
}
],
"release_date": "2024-03-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: KVM: s390: fix setting of fpc register"
},
{
"cve": "CVE-2023-52620",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270883"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in netfilter/nf_tables componets of Linux Kernel allows an userspace to set timeouts for anonymous sets, which are not intended to be used this way. This could lead to unexpected behaviour or security issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: nf_tables: disallow timeout for anonymous sets",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52620"
},
{
"category": "external",
"summary": "RHBZ#2270883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270883"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52620",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52620"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52620",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52620"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024032147-CVE-2023-52620-11a9@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024032147-CVE-2023-52620-11a9@gregkh/T"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: nf_tables: disallow timeout for anonymous sets"
},
{
"cve": "CVE-2024-0841",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2256490"
}
],
"notes": [
{
"category": "description",
"text": "A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: hugetlbfs: Null pointer dereference in hugetlbfs_fill_super function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-0841"
},
{
"category": "external",
"summary": "RHBZ#2256490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256490"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-0841",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0841"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-0841",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0841"
}
],
"release_date": "2024-01-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: hugetlbfs: Null pointer dereference in hugetlbfs_fill_super function"
},
{
"cve": "CVE-2024-25742",
"discovery_date": "2024-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270836"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the value stored in EAX while a SEV VM is running.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: amd: Instruction raise #VC exception at exit",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25742"
},
{
"category": "external",
"summary": "RHBZ#2270836",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270836"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25742"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25742",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25742"
},
{
"category": "external",
"summary": "https://arxiv.org/html/2404.03526v1",
"url": "https://arxiv.org/html/2404.03526v1"
},
{
"category": "external",
"summary": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html"
}
],
"release_date": "2024-04-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: amd: Instruction raise #VC exception at exit"
},
{
"cve": "CVE-2024-25743",
"discovery_date": "2024-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270836"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the value stored in EAX while a SEV VM is running.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: amd: Instruction raise #VC exception at exit",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25743"
},
{
"category": "external",
"summary": "RHBZ#2270836",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270836"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25743"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25743",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25743"
},
{
"category": "external",
"summary": "https://arxiv.org/html/2404.03526v1",
"url": "https://arxiv.org/html/2404.03526v1"
},
{
"category": "external",
"summary": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html"
}
],
"release_date": "2024-04-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: amd: Instruction raise #VC exception at exit"
},
{
"cve": "CVE-2024-26602",
"discovery_date": "2024-02-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2267695"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in sys_membarrier in the Linux kernel in sched/membarrier in how a user calls it at too high of a frequency. This flaw allows a local user to saturate the machine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26602"
},
{
"category": "external",
"summary": "RHBZ#2267695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267695"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26602"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26602",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26602"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/944d5fe50f3f03daacfea16300e656a1691c4a23",
"url": "https://github.com/torvalds/linux/commit/944d5fe50f3f03daacfea16300e656a1691c4a23"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024022414-CVE-2024-26602-5e76@gregkh/",
"url": "https://lore.kernel.org/linux-cve-announce/2024022414-CVE-2024-26602-5e76@gregkh/"
}
],
"release_date": "2024-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier"
},
{
"cve": "CVE-2024-26609",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2024-02-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2269217"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: nf_tables: reject QUEUE/DROP verdict parameters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26609"
},
{
"category": "external",
"summary": "RHBZ#2269217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26609"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26609",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26609"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-41-lee@kernel.org/T",
"url": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-41-lee@kernel.org/T"
}
],
"release_date": "2024-02-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: nf_tables: reject QUEUE/DROP verdict parameters"
},
{
"cve": "CVE-2024-26671",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2024-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2272811"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: fix IO hang from sbitmap wakeup race\n\nIn blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered\nwith the following blk_mq_get_driver_tag() in case of getting driver\ntag failure.\n\nThen in __sbitmap_queue_wake_up(), waitqueue_active() may not observe\nthe added waiter in blk_mq_mark_tag_wait() and wake up nothing, meantime\nblk_mq_mark_tag_wait() can\u0027t get driver tag successfully.\n\nThis issue can be reproduced by running the following test in loop, and\nfio hang can be observed in \u003c 30min when running it on my test VM\nin laptop.\n\n\tmodprobe -r scsi_debug\n\tmodprobe scsi_debug delay=0 dev_size_mb=4096 max_queue=1 host_max_queue=1 submit_queues=4\n\tdev=`ls -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*/block/* | head -1 | xargs basename`\n\tfio --filename=/dev/\"$dev\" --direct=1 --rw=randrw --bs=4k --iodepth=1 \\\n \t\t--runtime=100 --numjobs=40 --time_based --name=test \\\n \t--ioengine=libaio\n\nFix the issue by adding one explicit barrier in blk_mq_mark_tag_wait(), which\nis just fine in case of running out of tag.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: blk-mq: fix IO hang from sbitmap wakeup race",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is fixed in RHEL-9.4 and above (including RHEL 8.10)\n~~~\na7f97b4cae32 (in rhel-9.4, rhel-9.5) blk-mq: fix IO hang from sbitmap wakeup race \n098ab94a5112 (in rhel-8.10) blk-mq: fix IO hang from sbitmap wakeup race\n~~~\n\nPlease note that while RHEL-9 kernel-rt still appears as affected, it has been fixed in the same RHSA as RHEL-9 kernel. This is because from RHEL-9.3 onwards, the kernel and kernel-rt fixes are bundled together in a single errata.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26671"
},
{
"category": "external",
"summary": "RHBZ#2272811",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272811"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26671",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26671"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26671",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26671"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024040219-CVE-2024-26671-2543@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024040219-CVE-2024-26671-2543@gregkh/T"
}
],
"release_date": "2024-04-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-22T10:16:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2950"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src",
"RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64",
"RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: blk-mq: fix IO hang from sbitmap wakeup race"
}
]
}
rhsa-2024_8614
Vulnerability from csaf_redhat
Published
2024-10-30 00:15
Modified
2024-11-06 07:22
Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: ovl: fix use after free in struct ovl_aio_req (CVE-2023-1252)
* hw: cpu: intel: Native Branch History Injection (BHI) (CVE-2024-2201)
* kernel: mm/sparsemem: fix race in accessing memory_section->usage (CVE-2023-52489)
* kernel: blk-mq: fix IO hang from sbitmap wakeup race (CVE-2024-26671)
* kernel: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats (CVE-2024-26686)
* kernel: mptcp: fix data re-injection from stale subflow (CVE-2024-26826)
* kernel: mac802154: fix llsec key resources release in mac802154_llsec_key_del (CVE-2024-26961)
* kernel: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47384)
* kernel: mptcp: ensure snd_nxt is properly initialized on connect (CVE-2024-36889)
* kernel: ipv6: prevent possible NULL dereference in rt6_probe() (CVE-2024-40960)
* kernel: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (CVE-2024-40998)
* kernel: filelock: fix potential use-after-free in posix_lock_inode (CVE-2024-41049)
* kernel: mm: prevent derefencing NULL ptr in pfn_section_valid() (CVE-2024-41055)
* kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment (CVE-2024-42152)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: ovl: fix use after free in struct ovl_aio_req (CVE-2023-1252)\n\n* hw: cpu: intel: Native Branch History Injection (BHI) (CVE-2024-2201)\n\n* kernel: mm/sparsemem: fix race in accessing memory_section-\u003eusage (CVE-2023-52489)\n\n* kernel: blk-mq: fix IO hang from sbitmap wakeup race (CVE-2024-26671)\n\n* kernel: fs/proc: do_task_stat: use sig-\u003estats_lock to gather the threads/children stats (CVE-2024-26686)\n\n* kernel: mptcp: fix data re-injection from stale subflow (CVE-2024-26826)\n\n* kernel: mac802154: fix llsec key resources release in mac802154_llsec_key_del (CVE-2024-26961)\n\n* kernel: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47384)\n\n* kernel: mptcp: ensure snd_nxt is properly initialized on connect (CVE-2024-36889)\n\n* kernel: ipv6: prevent possible NULL dereference in rt6_probe() (CVE-2024-40960)\n\n* kernel: ext4: fix uninitialized ratelimit_state-\u0026gt;lock access in __ext4_fill_super() (CVE-2024-40998)\n\n* kernel: filelock: fix potential use-after-free in posix_lock_inode (CVE-2024-41049)\n\n* kernel: mm: prevent derefencing NULL ptr in pfn_section_valid() (CVE-2024-41055)\n\n* kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment (CVE-2024-42152)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8614",
"url": "https://access.redhat.com/errata/RHSA-2024:8614"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2176140",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176140"
},
{
"category": "external",
"summary": "2268118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268118"
},
{
"category": "external",
"summary": "2269189",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269189"
},
{
"category": "external",
"summary": "2272811",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272811"
},
{
"category": "external",
"summary": "2273109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273109"
},
{
"category": "external",
"summary": "2275604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275604"
},
{
"category": "external",
"summary": "2278176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278176"
},
{
"category": "external",
"summary": "2282356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282356"
},
{
"category": "external",
"summary": "2284571",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284571"
},
{
"category": "external",
"summary": "2297544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297544"
},
{
"category": "external",
"summary": "2297582",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297582"
},
{
"category": "external",
"summary": "2300422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300422"
},
{
"category": "external",
"summary": "2300429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300429"
},
{
"category": "external",
"summary": "2301519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301519"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8614.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2024-11-06T07:22:10+00:00",
"generator": {
"date": "2024-11-06T07:22:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:8614",
"initial_release_date": "2024-10-30T00:15:44+00:00",
"revision_history": [
{
"date": "2024-10-30T00:15:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-30T00:15:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T07:22:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::realtime"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"product": {
"name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"product_id": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.90.1.rt14.375.el9_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-core@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-core@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-284.90.1.rt14.375.el9_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47384",
"discovery_date": "2024-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2282356"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field\n\nIf driver read tmp value sufficient for\n(tmp \u0026 0x08) \u0026\u0026 (!(tmp \u0026 0x80)) \u0026\u0026 ((tmp \u0026 0x7) == ((tmp \u003e\u003e 4) \u0026 0x7))\nfrom device then Null pointer dereference occurs.\n(It is possible if tmp = 0b0xyz1xyz, where same literals mean same numbers)\nAlso lm75[] does not serve a purpose anymore after switching to\ndevm_i2c_new_dummy_device() in w83791d_detect_subclients().\n\nThe patch fixes possible NULL pointer dereference by removing lm75[].\n\nFound by Linux Driver Verification project (linuxtesting.org).\n\n[groeck: Dropped unnecessary continuation lines, fixed multi-line alignments]",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as a moderate severity because the impact is limited to system stability rather than unauthorized access or data exposure.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47384"
},
{
"category": "external",
"summary": "RHBZ#2282356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47384",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47384"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47384",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47384"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2021-47384-f311@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2021-47384-f311@gregkh/T"
}
],
"release_date": "2024-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T00:15:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8614"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
}
],
"cve": "CVE-2023-1252",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2176140"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 (\"ovl: fix use after free in struct ovl_aio_req\") not applied yet, the kernel could be affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ovl: fix use after free in struct ovl_aio_req",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is possibly only triggered if an Ext4 filesystem is mounted. Because of that fact, and because exploitation would require that an attacker was able to control how that filesystem interacted with an OverlayFS filesystem, Red Hat assesses the impact of this vulnerability as Medium.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1252"
},
{
"category": "external",
"summary": "RHBZ#2176140",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176140"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1252",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1252"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1252",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1252"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/20211115165433.449951285@linuxfoundation.org/",
"url": "https://lore.kernel.org/lkml/20211115165433.449951285@linuxfoundation.org/"
}
],
"release_date": "2021-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T00:15:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ovl: fix use after free in struct ovl_aio_req"
},
{
"cve": "CVE-2023-52489",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2024-02-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2269189"
}
],
"notes": [
{
"category": "description",
"text": "A race condition was found on a PFN in the Linux Kernel, which can fall into the device memory region with the system memory configuration. Normal zone start and end PFNs contain the device memory PFNs as well, and the compaction triggered will try on the device memory PFNs and end up in NOP. This may lead to compromised Availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mm/sparsemem: fix race in accessing memory_section-\u003eusage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52489"
},
{
"category": "external",
"summary": "RHBZ#2269189",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269189"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52489",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52489"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-30-lee@kernel.org/T",
"url": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-30-lee@kernel.org/T"
}
],
"release_date": "2024-02-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T00:15:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mm/sparsemem: fix race in accessing memory_section-\u003eusage"
},
{
"cve": "CVE-2024-2201",
"cwe": {
"id": "CWE-1423",
"name": "Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution"
},
"discovery_date": "2023-11-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268118"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in some Intel CPUs where mitigations for the Spectre V2/BHI vulnerability were incomplete. This issue may allow an attacker to read arbitrary memory, compromising system integrity and exposing sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: cpu: intel: Native Branch History Injection (BHI)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has very limited visibility and control over binary blobs provided by third-party vendors. Red Hat relies heavily on the vendors to provide timely updates and information about included changes for this content and in most cases merely acts as a release vehicle between the third-party vendor and Red Hat customers with no possibility of influencing or even documenting the changes. Unless explicitly stated, the level of insight, oversight, and control Red Hat has does not meet the criteria required (in terms of Red Hat ownership of development processes, QA and documentation) for releasing this content as a RHSA. For more information please contact the binary content vendor.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-2201"
},
{
"category": "external",
"summary": "RHBZ#2268118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268118"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-2201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2201"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2201",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2201"
},
{
"category": "external",
"summary": "https://download.vusec.net/papers/inspectre_sec24.pdf",
"url": "https://download.vusec.net/papers/inspectre_sec24.pdf"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html#inpage-nav-8",
"url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html#inpage-nav-8"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2024/04/09/15",
"url": "https://www.openwall.com/lists/oss-security/2024/04/09/15"
},
{
"category": "external",
"summary": "https://www.vusec.net/projects/native-bhi/",
"url": "https://www.vusec.net/projects/native-bhi/"
}
],
"release_date": "2024-04-09T04:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T00:15:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8614"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: cpu: intel: Native Branch History Injection (BHI)"
},
{
"cve": "CVE-2024-26671",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2024-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2272811"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: fix IO hang from sbitmap wakeup race\n\nIn blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered\nwith the following blk_mq_get_driver_tag() in case of getting driver\ntag failure.\n\nThen in __sbitmap_queue_wake_up(), waitqueue_active() may not observe\nthe added waiter in blk_mq_mark_tag_wait() and wake up nothing, meantime\nblk_mq_mark_tag_wait() can\u0027t get driver tag successfully.\n\nThis issue can be reproduced by running the following test in loop, and\nfio hang can be observed in \u003c 30min when running it on my test VM\nin laptop.\n\n\tmodprobe -r scsi_debug\n\tmodprobe scsi_debug delay=0 dev_size_mb=4096 max_queue=1 host_max_queue=1 submit_queues=4\n\tdev=`ls -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*/block/* | head -1 | xargs basename`\n\tfio --filename=/dev/\"$dev\" --direct=1 --rw=randrw --bs=4k --iodepth=1 \\\n \t\t--runtime=100 --numjobs=40 --time_based --name=test \\\n \t--ioengine=libaio\n\nFix the issue by adding one explicit barrier in blk_mq_mark_tag_wait(), which\nis just fine in case of running out of tag.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: blk-mq: fix IO hang from sbitmap wakeup race",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is fixed in RHEL-9.4 and above (including RHEL 8.10)\n~~~\na7f97b4cae32 (in rhel-9.4, rhel-9.5) blk-mq: fix IO hang from sbitmap wakeup race \n098ab94a5112 (in rhel-8.10) blk-mq: fix IO hang from sbitmap wakeup race\n~~~\n\nPlease note that while RHEL-9 kernel-rt still appears as affected, it has been fixed in the same RHSA as RHEL-9 kernel. This is because from RHEL-9.3 onwards, the kernel and kernel-rt fixes are bundled together in a single errata.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26671"
},
{
"category": "external",
"summary": "RHBZ#2272811",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272811"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26671",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26671"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26671",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26671"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024040219-CVE-2024-26671-2543@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024040219-CVE-2024-26671-2543@gregkh/T"
}
],
"release_date": "2024-04-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T00:15:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: blk-mq: fix IO hang from sbitmap wakeup race"
},
{
"cve": "CVE-2024-26686",
"cwe": {
"id": "CWE-413",
"name": "Improper Resource Locking"
},
"discovery_date": "2024-04-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2273109"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the do_task_stat() function in the Linux kernel, where due to excessive lock contention, a potential hard lockup could be created. This can create a performance bottleneck and lead to kernel unresponsiveness.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fs/proc: do_task_stat: use sig-\u003estats_lock to gather the threads/children stats",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26686"
},
{
"category": "external",
"summary": "RHBZ#2273109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273109"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26686",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26686"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024040335-CVE-2024-26686-b22f@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024040335-CVE-2024-26686-b22f@gregkh/T"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T00:15:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: fs/proc: do_task_stat: use sig-\u003estats_lock to gather the threads/children stats"
},
{
"cve": "CVE-2024-26826",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2275604"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. A logical error in the Multipath TCP packet manager causes some packets intended for retransmission to be lost, resulting in a potential denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mptcp: fix data re-injection from stale subflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26826"
},
{
"category": "external",
"summary": "RHBZ#2275604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275604"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26826"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26826",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26826"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024041703-CVE-2024-26826-b984@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024041703-CVE-2024-26826-b984@gregkh/T"
}
],
"release_date": "2024-04-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T00:15:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mptcp: fix data re-injection from stale subflow"
},
{
"cve": "CVE-2024-26961",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2024-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278176"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux Kernel where resources are improperly managed in IEEE 802.15.4 networking, leading to a potential use-after-free issue, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mac802154: fix llsec key resources release in mac802154_llsec_key_del",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26961"
},
{
"category": "external",
"summary": "RHBZ#2278176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26961"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26961",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26961"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26961-408d@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26961-408d@gregkh/T"
}
],
"release_date": "2024-05-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T00:15:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mac802154: fix llsec key resources release in mac802154_llsec_key_del"
},
{
"cve": "CVE-2024-36889",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"discovery_date": "2024-05-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2284571"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: ensure snd_nxt is properly initialized on connect\n\nChristoph reported a splat hinting at a corrupted snd_una:\n\n WARNING: CPU: 1 PID: 38 at net/mptcp/protocol.c:1005 __mptcp_clean_una+0x4b3/0x620 net/mptcp/protocol.c:1005\n Modules linked in:\n CPU: 1 PID: 38 Comm: kworker/1:1 Not tainted 6.9.0-rc1-gbbeac67456c9 #59\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014\n Workqueue: events mptcp_worker\n RIP: 0010:__mptcp_clean_una+0x4b3/0x620 net/mptcp/protocol.c:1005\n Code: be 06 01 00 00 bf 06 01 00 00 e8 a8 12 e7 fe e9 00 fe ff ff e8\n \t8e 1a e7 fe 0f b7 ab 3e 02 00 00 e9 d3 fd ff ff e8 7d 1a e7 fe\n \t\u003c0f\u003e 0b 4c 8b bb e0 05 00 00 e9 74 fc ff ff e8 6a 1a e7 fe 0f 0b e9\n RSP: 0018:ffffc9000013fd48 EFLAGS: 00010293\n RAX: 0000000000000000 RBX: ffff8881029bd280 RCX: ffffffff82382fe4\n RDX: ffff8881003cbd00 RSI: ffffffff823833c3 RDI: 0000000000000001\n RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000\n R10: 0000000000000000 R11: fefefefefefefeff R12: ffff888138ba8000\n R13: 0000000000000106 R14: ffff8881029bd908 R15: ffff888126560000\n FS: 0000000000000000(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f604a5dae38 CR3: 0000000101dac002 CR4: 0000000000170ef0\n Call Trace:\n \u003cTASK\u003e\n __mptcp_clean_una_wakeup net/mptcp/protocol.c:1055 [inline]\n mptcp_clean_una_wakeup net/mptcp/protocol.c:1062 [inline]\n __mptcp_retrans+0x7f/0x7e0 net/mptcp/protocol.c:2615\n mptcp_worker+0x434/0x740 net/mptcp/protocol.c:2767\n process_one_work+0x1e0/0x560 kernel/workqueue.c:3254\n process_scheduled_works kernel/workqueue.c:3335 [inline]\n worker_thread+0x3c7/0x640 kernel/workqueue.c:3416\n kthread+0x121/0x170 kernel/kthread.c:388\n ret_from_fork+0x44/0x50 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n \u003c/TASK\u003e\n\nWhen fallback to TCP happens early on a client socket, snd_nxt\nis not yet initialized and any incoming ack will copy such value\ninto snd_una. If the mptcp worker (dumbly) tries mptcp-level\nre-injection after such ack, that would unconditionally trigger a send\nbuffer cleanup using \u0027bad\u0027 snd_una values.\n\nWe could easily disable re-injection for fallback sockets, but such\ndumb behavior already helped catching a few subtle issues and a very\nlow to zero impact in practice.\n\nInstead address the issue always initializing snd_nxt (and write_seq,\nfor consistency) at connect time.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mptcp: ensure snd_nxt is properly initialized on connect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-36889"
},
{
"category": "external",
"summary": "RHBZ#2284571",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284571"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-36889",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36889"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36889-222d@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36889-222d@gregkh/T"
}
],
"release_date": "2024-05-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T00:15:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mptcp: ensure snd_nxt is properly initialized on connect"
},
{
"cve": "CVE-2024-40960",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2297544"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible NULL dereference in rt6_probe()\n\nsyzbot caught a NULL dereference in rt6_probe() [1]\n\nBail out if __in6_dev_get() returns NULL.\n\n[1]\nOops: general protection fault, probably for non-canonical address 0xdffffc00000000cb: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000658-0x000000000000065f]\nCPU: 1 PID: 22444 Comm: syz-executor.0 Not tainted 6.10.0-rc2-syzkaller-00383-gb8481381d4e2 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024\n RIP: 0010:rt6_probe net/ipv6/route.c:656 [inline]\n RIP: 0010:find_match+0x8c4/0xf50 net/ipv6/route.c:758\nCode: 14 fd f7 48 8b 85 38 ff ff ff 48 c7 45 b0 00 00 00 00 48 8d b8 5c 06 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 19\nRSP: 0018:ffffc900034af070 EFLAGS: 00010203\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90004521000\nRDX: 00000000000000cb RSI: ffffffff8990d0cd RDI: 000000000000065c\nRBP: ffffc900034af150 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000002 R12: 000000000000000a\nR13: 1ffff92000695e18 R14: ffff8880244a1d20 R15: 0000000000000000\nFS: 00007f4844a5a6c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000001b31b27000 CR3: 000000002d42c000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n rt6_nh_find_match+0xfa/0x1a0 net/ipv6/route.c:784\n nexthop_for_each_fib6_nh+0x26d/0x4a0 net/ipv4/nexthop.c:1496\n __find_rr_leaf+0x6e7/0xe00 net/ipv6/route.c:825\n find_rr_leaf net/ipv6/route.c:853 [inline]\n rt6_select net/ipv6/route.c:897 [inline]\n fib6_table_lookup+0x57e/0xa30 net/ipv6/route.c:2195\n ip6_pol_route+0x1cd/0x1150 net/ipv6/route.c:2231\n pol_lookup_func include/net/ip6_fib.h:616 [inline]\n fib6_rule_lookup+0x386/0x720 net/ipv6/fib6_rules.c:121\n ip6_route_output_flags_noref net/ipv6/route.c:2639 [inline]\n ip6_route_output_flags+0x1d0/0x640 net/ipv6/route.c:2651\n ip6_dst_lookup_tail.constprop.0+0x961/0x1760 net/ipv6/ip6_output.c:1147\n ip6_dst_lookup_flow+0x99/0x1d0 net/ipv6/ip6_output.c:1250\n rawv6_sendmsg+0xdab/0x4340 net/ipv6/raw.c:898\n inet_sendmsg+0x119/0x140 net/ipv4/af_inet.c:853\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n sock_write_iter+0x4b8/0x5c0 net/socket.c:1160\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0x6b6/0x1140 fs/read_write.c:590\n ksys_write+0x1f8/0x260 fs/read_write.c:643\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ipv6: prevent possible NULL dereference in rt6_probe()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-40960"
},
{
"category": "external",
"summary": "RHBZ#2297544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297544"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-40960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40960"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-40960",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40960"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024071225-CVE-2024-40960-d46f@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024071225-CVE-2024-40960-d46f@gregkh/T"
}
],
"release_date": "2024-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T00:15:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8614"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ipv6: prevent possible NULL dereference in rt6_probe()"
},
{
"cve": "CVE-2024-40998",
"discovery_date": "2024-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2297582"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix uninitialized ratelimit_state-\u003elock access in __ext4_fill_super()\n\nIn the following concurrency we will access the uninitialized rs-\u003elock:\n\next4_fill_super\n ext4_register_sysfs\n // sysfs registered msg_ratelimit_interval_ms\n // Other processes modify rs-\u003einterval to\n // non-zero via msg_ratelimit_interval_ms\n ext4_orphan_cleanup\n ext4_msg(sb, KERN_INFO, \"Errors on filesystem, \"\n __ext4_msg\n ___ratelimit(\u0026(EXT4_SB(sb)-\u003es_msg_ratelimit_state)\n if (!rs-\u003einterval) // do nothing if interval is 0\n return 1;\n raw_spin_trylock_irqsave(\u0026rs-\u003elock, flags)\n raw_spin_trylock(lock)\n _raw_spin_trylock\n __raw_spin_trylock\n spin_acquire(\u0026lock-\u003edep_map, 0, 1, _RET_IP_)\n lock_acquire\n __lock_acquire\n register_lock_class\n assign_lock_key\n dump_stack();\n ratelimit_state_init(\u0026sbi-\u003es_msg_ratelimit_state, 5 * HZ, 10);\n raw_spin_lock_init(\u0026rs-\u003elock);\n // init rs-\u003elock here\n\nand get the following dump_stack:\n\n=========================================================\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 12 PID: 753 Comm: mount Tainted: G E 6.7.0-rc6-next-20231222 #504\n[...]\nCall Trace:\n dump_stack_lvl+0xc5/0x170\n dump_stack+0x18/0x30\n register_lock_class+0x740/0x7c0\n __lock_acquire+0x69/0x13a0\n lock_acquire+0x120/0x450\n _raw_spin_trylock+0x98/0xd0\n ___ratelimit+0xf6/0x220\n __ext4_msg+0x7f/0x160 [ext4]\n ext4_orphan_cleanup+0x665/0x740 [ext4]\n __ext4_fill_super+0x21ea/0x2b10 [ext4]\n ext4_fill_super+0x14d/0x360 [ext4]\n[...]\n=========================================================\n\nNormally interval is 0 until s_msg_ratelimit_state is initialized, so\n___ratelimit() does nothing. But registering sysfs precedes initializing\nrs-\u003elock, so it is possible to change rs-\u003einterval to a non-zero value\nvia the msg_ratelimit_interval_ms interface of sysfs while rs-\u003elock is\nuninitialized, and then a call to ext4_msg triggers the problem by\naccessing an uninitialized rs-\u003elock. Therefore register sysfs after all\ninitializations are complete to avoid such problems.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ext4: fix uninitialized ratelimit_state-\u0026gt;lock access in __ext4_fill_super()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-40998"
},
{
"category": "external",
"summary": "RHBZ#2297582",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297582"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-40998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40998"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-40998",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40998"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024071252-CVE-2024-40998-90d6@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024071252-CVE-2024-40998-90d6@gregkh/T"
}
],
"release_date": "2024-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T00:15:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8614"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ext4: fix uninitialized ratelimit_state-\u0026gt;lock access in __ext4_fill_super()"
},
{
"cve": "CVE-2024-41049",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2024-07-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2300422"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfilelock: fix potential use-after-free in posix_lock_inode\n\nLight Hsieh reported a KASAN UAF warning in trace_posix_lock_inode().\nThe request pointer had been changed earlier to point to a lock entry\nthat was added to the inode\u0027s list. However, before the tracepoint could\nfire, another task raced in and freed that lock.\n\nFix this by moving the tracepoint inside the spinlock, which should\nensure that this doesn\u0027t happen.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: filelock: fix potential use-after-free in posix_lock_inode",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41049"
},
{
"category": "external",
"summary": "RHBZ#2300422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300422"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41049",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41049"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024072927-CVE-2024-41049-bf28@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024072927-CVE-2024-41049-bf28@gregkh/T"
}
],
"release_date": "2024-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T00:15:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8614"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: filelock: fix potential use-after-free in posix_lock_inode"
},
{
"cve": "CVE-2024-41055",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-07-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2300429"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: prevent derefencing NULL ptr in pfn_section_valid()\n\nCommit 5ec8e8ea8b77 (\"mm/sparsemem: fix race in accessing\nmemory_section-\u003eusage\") changed pfn_section_valid() to add a READ_ONCE()\ncall around \"ms-\u003eusage\" to fix a race with section_deactivate() where\nms-\u003eusage can be cleared. The READ_ONCE() call, by itself, is not enough\nto prevent NULL pointer dereference. We need to check its value before\ndereferencing it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mm: prevent derefencing NULL ptr in pfn_section_valid()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41055"
},
{
"category": "external",
"summary": "RHBZ#2300429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41055"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41055",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41055"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024072928-CVE-2024-41055-5764@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024072928-CVE-2024-41055-5764@gregkh/T"
}
],
"release_date": "2024-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T00:15:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mm: prevent derefencing NULL ptr in pfn_section_valid()"
},
{
"cve": "CVE-2024-42152",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2024-07-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2301519"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: fix a possible leak when destroy a ctrl during qp establishment\n\nIn nvmet_sq_destroy we capture sq-\u003ectrl early and if it is non-NULL we\nknow that a ctrl was allocated (in the admin connect request handler)\nand we need to release pending AERs, clear ctrl-\u003esqs and sq-\u003ectrl\n(for nvme-loop primarily), and drop the final reference on the ctrl.\n\nHowever, a small window is possible where nvmet_sq_destroy starts (as\na result of the client giving up and disconnecting) concurrently with\nthe nvme admin connect cmd (which may be in an early stage). But *before*\nkill_and_confirm of sq-\u003eref (i.e. the admin connect managed to get an sq\nlive reference). In this case, sq-\u003ectrl was allocated however after it was\ncaptured in a local variable in nvmet_sq_destroy.\nThis prevented the final reference drop on the ctrl.\n\nSolve this by re-capturing the sq-\u003ectrl after all inflight request has\ncompleted, where for sure sq-\u003ectrl reference is final, and move forward\nbased on that.\n\nThis issue was observed in an environment with many hosts connecting\nmultiple ctrls simoutanuosly, creating a delay in allocating a ctrl\nleading up to this race window.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42152"
},
{
"category": "external",
"summary": "RHBZ#2301519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301519"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42152"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024073034-CVE-2024-42152-c248@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024073034-CVE-2024-42152-c248@gregkh/T"
}
],
"release_date": "2024-07-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T00:15:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8614"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.90.1.rt14.375.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment"
}
]
}
rhsa-2024_2394
Vulnerability from csaf_redhat
Published
2024-04-30 09:57
Modified
2024-11-06 05:41
Summary
Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Notes
Topic
An update for kernel is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546)
* kernel: multiple use-after-free vulnerabilities (CVE-2024-1086, CVE-2023-3567, CVE-2023-4133, CVE-2023-6932, CVE-2023-39198, CVE-2023-51043, CVE-2023-51779, CVE-2023-51780, CVE-2024-1085, CVE-2024-26582)
* kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack (CVE-2020-26555)
* kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion (CVE-2022-0480)
* kernel: multiple NULL pointer dereference vulnerabilities (CVE-2022-38096, CVE-2023-6622, CVE-2023-6915, CVE-2023-42754, CVE-2023-46862, CVE-2023-52574, CVE-2024-0841, CVE-2023-52448)
* kernel: integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c (CVE-2022-45934)
* kernel: netfilter: nf_tables: out-of-bounds access in nf_tables_newtable() (CVE-2023-6040)
* kernel: GC's deletion of an SKB races with unix_stream_read_generic() leading to UAF (CVE-2023-6531)
* kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size (CVE-2023-6931)
* kernel: Bluetooth Forward and Future Secrecy Attacks and Defenses (CVE-2023-24023)
* kernel: irdma: Improper access control (CVE-2023-25775)
* Kernel: double free in hci_conn_cleanup of the bluetooth subsystem (CVE-2023-28464)
* kernel: Bluetooth: HCI: global out-of-bounds access in net/bluetooth/hci_sync.c (CVE-2023-28866)
* kernel: race condition between HCIUARTSETPROTO and HCIUARTGETPROTO in hci_uart_tty_ioctl (CVE-2023-31083)
* kernel: multiple out-of-bounds read vulnerabilities (CVE-2023-37453, CVE-2023-39189, CVE-2023-39193, CVE-2023-6121, CVE-2023-39194)
* kernel: netfilter: race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP (CVE-2023-42756)
* kernel: lib/kobject.c vulnerable to fill_kobj_path out-of-bounds write (CVE-2023-45863)
* kernel: smb: client: fix potential OOBs in smb2_parse_contexts() (CVE-2023-52434)
* kernel: mm/sparsemem: fix race in accessing memory_section->usage (CVE-2023-52489)
* kernel: net: fix possible store tearing in neigh_periodic_work() (CVE-2023-52522)
* kernel: multiple memory leak vulnerabilities (CVE-2023-52529, CVE-2023-52581)
* kernel: net: bridge: data races indata-races in br_handle_frame_finish() (CVE-2023-52578)
* kernel: net/core: kernel crash in ETH_P_1588 flow dissector (CVE-2023-52580)
* kernel: net/sched: act_ct: fix skb leak and crash on ooo frags (CVE-2023-52610)
* kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client (CVE-2024-0565)
* kernel: tls: race between async notify and socket close (CVE-2024-26583)
* kernel: tls: handle backlogging of crypto requests (CVE-2024-26584)
* kernel: tls: race between tx work scheduling and socket close (CVE-2024-26585)
* kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption (CVE-2024-26586)
* kernel: i2c: i801: Fix block process call transactions (CVE-2024-26593)
* kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier (CVE-2024-26602)
* kernel: netfilter: nf_tables: reject QUEUE/DROP verdict parameters (CVE-2024-26609)
* kernel: local dos vulnerability in scatterwalk_copychunks (CVE-2023-6176)
* kernel: perf/x86/lbr: Filter vsyscall addresses (CVE-2023-52476)
* kernel: netfilter: nf_tables: disallow timeout for anonymous sets (CVE-2023-52620)
* kernel: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (CVE-2024-26633)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.