Action not permitted
Modal body text goes here.
cve-2024-40961
Vulnerability from cvelistv5
Published
2024-07-12 12:32
Modified
2024-11-05 09:34
Severity ?
EPSS score ?
Summary
ipv6: prevent possible NULL deref in fib6_nh_init()
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:39:55.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3200ffeec4d59aad5bc9ca75d2c1fae47c0aeade"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/de5ad4d45cd0128a2a37555f48ab69aa19d78adc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4cdfe813015d5a24586bd0a84fa0fa6eb0a1f668"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/88b9a55e2e35ea846d41f4efdc29d23345bd1aa4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b6947723c9eabcab58cfb33cdb0a565a6aee6727"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ae8d3d39efe366c2198f530e01e4bf07830bf403"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2eab4543a2204092c3a7af81d7d6c506e59a03a6"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40961",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:03:26.191957Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:23.580Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ipv6/route.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3200ffeec4d5",
"status": "affected",
"version": "428604fb118f",
"versionType": "git"
},
{
"lessThan": "de5ad4d45cd0",
"status": "affected",
"version": "428604fb118f",
"versionType": "git"
},
{
"lessThan": "4cdfe813015d",
"status": "affected",
"version": "428604fb118f",
"versionType": "git"
},
{
"lessThan": "88b9a55e2e35",
"status": "affected",
"version": "428604fb118f",
"versionType": "git"
},
{
"lessThan": "b6947723c9ea",
"status": "affected",
"version": "428604fb118f",
"versionType": "git"
},
{
"lessThan": "ae8d3d39efe3",
"status": "affected",
"version": "428604fb118f",
"versionType": "git"
},
{
"lessThan": "2eab4543a220",
"status": "affected",
"version": "428604fb118f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ipv6/route.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.17"
},
{
"lessThan": "4.17",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.279",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.221",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.162",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.96",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.36",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible NULL deref in fib6_nh_init()\n\nsyzbot reminds us that in6_dev_get() can return NULL.\n\nfib6_nh_init()\n ip6_validate_gw( \u0026idev )\n ip6_route_check_nh( idev )\n *idev = in6_dev_get(dev); // can be NULL\n\nOops: general protection fault, probably for non-canonical address 0xdffffc00000000bc: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x00000000000005e0-0x00000000000005e7]\nCPU: 0 PID: 11237 Comm: syz-executor.3 Not tainted 6.10.0-rc2-syzkaller-00249-gbe27b8965297 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024\n RIP: 0010:fib6_nh_init+0x640/0x2160 net/ipv6/route.c:3606\nCode: 00 00 fc ff df 4c 8b 64 24 58 48 8b 44 24 28 4c 8b 74 24 30 48 89 c1 48 89 44 24 28 48 8d 98 e0 05 00 00 48 89 d8 48 c1 e8 03 \u003c42\u003e 0f b6 04 38 84 c0 0f 85 b3 17 00 00 8b 1b 31 ff 89 de e8 b8 8b\nRSP: 0018:ffffc900032775a0 EFLAGS: 00010202\nRAX: 00000000000000bc RBX: 00000000000005e0 RCX: 0000000000000000\nRDX: 0000000000000010 RSI: ffffc90003277a54 RDI: ffff88802b3a08d8\nRBP: ffffc900032778b0 R08: 00000000000002fc R09: 0000000000000000\nR10: 00000000000002fc R11: 0000000000000000 R12: ffff88802b3a08b8\nR13: 1ffff9200064eec8 R14: ffffc90003277a00 R15: dffffc0000000000\nFS: 00007f940feb06c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000000 CR3: 00000000245e8000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ip6_route_info_create+0x99e/0x12b0 net/ipv6/route.c:3809\n ip6_route_add+0x28/0x160 net/ipv6/route.c:3853\n ipv6_route_ioctl+0x588/0x870 net/ipv6/route.c:4483\n inet6_ioctl+0x21a/0x280 net/ipv6/af_inet6.c:579\n sock_do_ioctl+0x158/0x460 net/socket.c:1222\n sock_ioctl+0x629/0x8e0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f940f07cea9"
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T09:34:00.172Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3200ffeec4d59aad5bc9ca75d2c1fae47c0aeade"
},
{
"url": "https://git.kernel.org/stable/c/de5ad4d45cd0128a2a37555f48ab69aa19d78adc"
},
{
"url": "https://git.kernel.org/stable/c/4cdfe813015d5a24586bd0a84fa0fa6eb0a1f668"
},
{
"url": "https://git.kernel.org/stable/c/88b9a55e2e35ea846d41f4efdc29d23345bd1aa4"
},
{
"url": "https://git.kernel.org/stable/c/b6947723c9eabcab58cfb33cdb0a565a6aee6727"
},
{
"url": "https://git.kernel.org/stable/c/ae8d3d39efe366c2198f530e01e4bf07830bf403"
},
{
"url": "https://git.kernel.org/stable/c/2eab4543a2204092c3a7af81d7d6c506e59a03a6"
}
],
"title": "ipv6: prevent possible NULL deref in fib6_nh_init()",
"x_generator": {
"engine": "bippy-9e1c9544281a"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-40961",
"datePublished": "2024-07-12T12:32:02.654Z",
"dateReserved": "2024-07-12T12:17:45.594Z",
"dateUpdated": "2024-11-05T09:34:00.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-40961\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-07-12T13:15:18.110\",\"lastModified\":\"2024-08-21T16:54:20.817\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nipv6: prevent possible NULL deref in fib6_nh_init()\\n\\nsyzbot reminds us that in6_dev_get() can return NULL.\\n\\nfib6_nh_init()\\n ip6_validate_gw( \u0026idev )\\n ip6_route_check_nh( idev )\\n *idev = in6_dev_get(dev); // can be NULL\\n\\nOops: general protection fault, probably for non-canonical address 0xdffffc00000000bc: 0000 [#1] PREEMPT SMP KASAN PTI\\nKASAN: null-ptr-deref in range [0x00000000000005e0-0x00000000000005e7]\\nCPU: 0 PID: 11237 Comm: syz-executor.3 Not tainted 6.10.0-rc2-syzkaller-00249-gbe27b8965297 #0\\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024\\n RIP: 0010:fib6_nh_init+0x640/0x2160 net/ipv6/route.c:3606\\nCode: 00 00 fc ff df 4c 8b 64 24 58 48 8b 44 24 28 4c 8b 74 24 30 48 89 c1 48 89 44 24 28 48 8d 98 e0 05 00 00 48 89 d8 48 c1 e8 03 \u003c42\u003e 0f b6 04 38 84 c0 0f 85 b3 17 00 00 8b 1b 31 ff 89 de e8 b8 8b\\nRSP: 0018:ffffc900032775a0 EFLAGS: 00010202\\nRAX: 00000000000000bc RBX: 00000000000005e0 RCX: 0000000000000000\\nRDX: 0000000000000010 RSI: ffffc90003277a54 RDI: ffff88802b3a08d8\\nRBP: ffffc900032778b0 R08: 00000000000002fc R09: 0000000000000000\\nR10: 00000000000002fc R11: 0000000000000000 R12: ffff88802b3a08b8\\nR13: 1ffff9200064eec8 R14: ffffc90003277a00 R15: dffffc0000000000\\nFS: 00007f940feb06c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000\\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\nCR2: 0000000000000000 CR3: 00000000245e8000 CR4: 00000000003506f0\\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\\nCall Trace:\\n \u003cTASK\u003e\\n ip6_route_info_create+0x99e/0x12b0 net/ipv6/route.c:3809\\n ip6_route_add+0x28/0x160 net/ipv6/route.c:3853\\n ipv6_route_ioctl+0x588/0x870 net/ipv6/route.c:4483\\n inet6_ioctl+0x21a/0x280 net/ipv6/af_inet6.c:579\\n sock_do_ioctl+0x158/0x460 net/socket.c:1222\\n sock_ioctl+0x629/0x8e0 net/socket.c:1341\\n vfs_ioctl fs/ioctl.c:51 [inline]\\n __do_sys_ioctl fs/ioctl.c:907 [inline]\\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893\\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\\nRIP: 0033:0x7f940f07cea9\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: ipv6: previene posible deref NULL en fib6_nh_init() syzbot nos recuerda que in6_dev_get() puede devolver NULL. fib6_nh_init() ip6_validate_gw( \u0026amp;idev ) ip6_route_check_nh( idev ) *idev = in6_dev_get(dev); // puede ser NULL Ups: falla de protecci\u00f3n general, probablemente para direcci\u00f3n no can\u00f3nica 0xdffffc00000000bc: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x00000000000005e0-0x00000000000005e7] CPU: 0 PID: 11237 Co mil\u00edmetros: syz-executor.3 No est\u00e1 contaminado 6.10.0-rc2-syzkaller-00249-gbe27b8965297 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/06/2024 RIP: 0010:fib6_nh_init+0x640/0x2160 net/ ipv6/route.c:3606 C\u00f3digo: 00 00 fc ff df 4c 8b 64 24 58 48 8b 44 24 28 4c 8b 74 24 30 48 89 c1 48 89 44 24 28 48 8d 98 e0 05 00 00 48 89 8 48 c1 e8 03 \u0026lt;42\u0026gt; 0f b6 04 38 84 c0 0f 85 b3 17 00 00 8b 1b 31 ff 89 de e8 b8 8b RSP: 0018:ffffc900032775a0 EFLAGS: 00010202 RAX: 00000000000000bc RBX: 00000000000005e0 RCX: 0000000000000000 RDX: 0000000000000010 RSI: ffffc90003277a54 RDI: ffff88802b3a08d8 RBP: ffffc900032778b0 R08: 00000000000002fc R09: 0000000000000000 R10: 00000000000002fc R11: 0000000000000000 R12: ff88802b3a08b8 R13: 1ffff9200064eec8 R14: ffffc90003277a00 R15: dffffc0000000000 FS: 00007f940feb06c0(0000) GS:ffff8880b9400000(0000) 000000000000 CS: 0010 DS: 0000 ES : 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 00000000245e8000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000 000 DR2: 0000000000000000 DR3: 00000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: ip6_route_info_create+0x99e/0x12b0 net/ipv6/route.c :3809 ip6_route_add+0x28/0x160 net/ipv6/route.c:3853 ipv6_route_ioctl+0x588/0x870 net/ipv6/route.c:4483 inet6_ioctl+0x21a/0x280 net/ipv6/af_inet6.c:579 0x158/0x460 neto /socket.c:1222 sock_ioctl+0x629/0x8e0 net/socket.c:1341 vfs_ioctl fs/ioctl.c:51 [en l\u00ednea] __do_sys_ioctl fs/ioctl.c:907 [en l\u00ednea] __se_sys_ioctl+0xfc/0x170 fs/ioctl.c :893 do_syscall_x64 arch/x86/entry/common.c:52 [en l\u00ednea] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 Entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f940f07cea9\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.17\",\"versionEndExcluding\":\"5.4.279\",\"matchCriteriaId\":\"7E97C9AF-9148-4AD9-B3DA-F7F536B4B7DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.221\",\"matchCriteriaId\":\"659E1520-6345-41AF-B893-A7C0647585A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.162\",\"matchCriteriaId\":\"10A39ACC-3005-40E8-875C-98A372D1FFD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.96\",\"matchCriteriaId\":\"61E887B4-732A-40D2-9983-CC6F281EBFB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.36\",\"matchCriteriaId\":\"E1046C95-860A-45B0-B718-2B29F65BFF10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.9.7\",\"matchCriteriaId\":\"0A047AF2-94AC-4A3A-B32D-6AB930D8EF1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EBB4392-5FA6-4DA9-9772-8F9C750109FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"331C2F14-12C7-45D5-893D-8C52EE38EA10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3173713D-909A-4DD3-9DD4-1E171EB057EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"79F18AFA-40F7-43F0-BA30-7BDB65F918B9\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/2eab4543a2204092c3a7af81d7d6c506e59a03a6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3200ffeec4d59aad5bc9ca75d2c1fae47c0aeade\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4cdfe813015d5a24586bd0a84fa0fa6eb0a1f668\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/88b9a55e2e35ea846d41f4efdc29d23345bd1aa4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ae8d3d39efe366c2198f530e01e4bf07830bf403\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b6947723c9eabcab58cfb33cdb0a565a6aee6727\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/de5ad4d45cd0128a2a37555f48ab69aa19d78adc\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
rhsa-2024_8870
Vulnerability from csaf_redhat
Published
2024-11-05 00:54
Modified
2024-11-21 18:37
Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set() (CVE-2024-24857)
* kernel: dmaengine: fix NULL pointer in channel unregistration function (CVE-2023-52492)
* kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (CVE-2024-26851)
* kernel: netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)
* kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump (CVE-2024-27017)
* kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed (CVE-2024-26976)
* kernel: nouveau: lock the client object tree. (CVE-2024-27062)
* kernel: netfilter: bridge: replace physindev with physinif in nf_bridge_info (CVE-2024-35839)
* kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)
* kernel: dma-direct: Leak pages on dma_set_decrypted() failure (CVE-2024-35939)
* kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)
* kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)
* kernel: of: module: add buffer overflow check in of_modalias() (CVE-2024-38541)
* kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540)
* kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (CVE-2024-39503)
* kernel: drm/i915/dpt: Make DPT object unshrinkable (CVE-2024-40924)
* kernel: ipv6: prevent possible NULL deref in fib6_nh_init() (CVE-2024-40961)
* kernel: tipc: force a dst refcount before doing decryption (CVE-2024-40983)
* kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CVE-2024-40984)
* kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CVE-2022-48773)
* kernel: bpf: Fix overrunning reservations in ringbuf (CVE-2024-41009)
* kernel: netfilter: nf_tables: prefer nft_chain_validate (CVE-2024-41042)
* kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)
* kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers (CVE-2024-41092)
* kernel: drm/amdgpu: avoid using null object of framebuffer (CVE-2024-41093)
* kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (CVE-2024-42070)
* kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush (CVE-2024-42079)
* kernel: USB: serial: mos7840: fix crash on resume (CVE-2024-42244)
* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)
* kernel: kobject_uevent: Fix OOB access within zap_modalias_env() (CVE-2024-42292)
* kernel: dev/parport: fix the array out-of-bounds risk (CVE-2024-42301)
* kernel: block: initialize integrity buffer to zero before writing it to media (CVE-2024-43854)
* kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning (CVE-2024-43880)
* kernel: gso: do not skip outer ip header in case of ipip and net_failover (CVE-2022-48936)
* kernel: padata: Fix possible divide-by-0 panic in padata_mt_helper() (CVE-2024-43889)
* kernel: memcg: protect concurrent access to mem_cgroup_idr (CVE-2024-43892)
* kernel: sctp: Fix null-ptr-deref in reuseport_add_sock(). (CVE-2024-44935)
* kernel: bonding: fix xfrm real_dev null pointer dereference (CVE-2024-44989)
* kernel: bonding: fix null pointer deref in bond_ipsec_offload_ok (CVE-2024-44990)
* kernel: netfilter: flowtable: initialise extack before use (CVE-2024-45018)
* kernel: ELF: fix kernel.randomize_va_space double read (CVE-2024-46826)
* kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (CVE-2024-47668)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set() (CVE-2024-24857)\n\n* kernel: dmaengine: fix NULL pointer in channel unregistration function (CVE-2023-52492)\n\n* kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (CVE-2024-26851)\n\n* kernel: netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)\n\n* kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump (CVE-2024-27017)\n\n* kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed (CVE-2024-26976)\n\n* kernel: nouveau: lock the client object tree. (CVE-2024-27062)\n\n* kernel: netfilter: bridge: replace physindev with physinif in nf_bridge_info (CVE-2024-35839)\n\n* kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)\n\n* kernel: dma-direct: Leak pages on dma_set_decrypted() failure (CVE-2024-35939)\n\n* kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)\n\n* kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)\n\n* kernel: of: module: add buffer overflow check in of_modalias() (CVE-2024-38541)\n\n* kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540)\n\n* kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (CVE-2024-39503)\n\n* kernel: drm/i915/dpt: Make DPT object unshrinkable (CVE-2024-40924)\n\n* kernel: ipv6: prevent possible NULL deref in fib6_nh_init() (CVE-2024-40961)\n\n* kernel: tipc: force a dst refcount before doing decryption (CVE-2024-40983)\n\n* kernel: ACPICA: Revert \u0026#34;ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\u0026#34; (CVE-2024-40984)\n\n* kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CVE-2022-48773)\n\n* kernel: bpf: Fix overrunning reservations in ringbuf (CVE-2024-41009)\n\n* kernel: netfilter: nf_tables: prefer nft_chain_validate (CVE-2024-41042)\n\n* kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)\n\n* kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers (CVE-2024-41092)\n\n* kernel: drm/amdgpu: avoid using null object of framebuffer (CVE-2024-41093)\n\n* kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (CVE-2024-42070)\n\n* kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush (CVE-2024-42079)\n\n* kernel: USB: serial: mos7840: fix crash on resume (CVE-2024-42244)\n\n* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)\n\n* kernel: kobject_uevent: Fix OOB access within zap_modalias_env() (CVE-2024-42292)\n\n* kernel: dev/parport: fix the array out-of-bounds risk (CVE-2024-42301)\n\n* kernel: block: initialize integrity buffer to zero before writing it to media (CVE-2024-43854)\n\n* kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning (CVE-2024-43880)\n\n* kernel: gso: do not skip outer ip header in case of ipip and net_failover (CVE-2022-48936)\n\n* kernel: padata: Fix possible divide-by-0 panic in padata_mt_helper() (CVE-2024-43889)\n\n* kernel: memcg: protect concurrent access to mem_cgroup_idr (CVE-2024-43892)\n\n* kernel: sctp: Fix null-ptr-deref in reuseport_add_sock(). (CVE-2024-44935)\n\n* kernel: bonding: fix xfrm real_dev null pointer dereference (CVE-2024-44989)\n\n* kernel: bonding: fix null pointer deref in bond_ipsec_offload_ok (CVE-2024-44990)\n\n* kernel: netfilter: flowtable: initialise extack before use (CVE-2024-45018)\n\n* kernel: ELF: fix kernel.randomize_va_space double read (CVE-2024-46826)\n\n* kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (CVE-2024-47668)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8870",
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2266247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266247"
},
{
"category": "external",
"summary": "2269183",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269183"
},
{
"category": "external",
"summary": "2275750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275750"
},
{
"category": "external",
"summary": "2277168",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277168"
},
{
"category": "external",
"summary": "2278262",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278262"
},
{
"category": "external",
"summary": "2278350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278350"
},
{
"category": "external",
"summary": "2278387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278387"
},
{
"category": "external",
"summary": "2281284",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281284"
},
{
"category": "external",
"summary": "2281669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281669"
},
{
"category": "external",
"summary": "2281817",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281817"
},
{
"category": "external",
"summary": "2293356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293356"
},
{
"category": "external",
"summary": "2293402",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293402"
},
{
"category": "external",
"summary": "2293458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293458"
},
{
"category": "external",
"summary": "2293459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293459"
},
{
"category": "external",
"summary": "2297475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297475"
},
{
"category": "external",
"summary": "2297508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297508"
},
{
"category": "external",
"summary": "2297545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297545"
},
{
"category": "external",
"summary": "2297567",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297567"
},
{
"category": "external",
"summary": "2297568",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297568"
},
{
"category": "external",
"summary": "2298109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298109"
},
{
"category": "external",
"summary": "2298412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298412"
},
{
"category": "external",
"summary": "2300412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300412"
},
{
"category": "external",
"summary": "2300442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300442"
},
{
"category": "external",
"summary": "2300487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300487"
},
{
"category": "external",
"summary": "2300488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300488"
},
{
"category": "external",
"summary": "2300508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300508"
},
{
"category": "external",
"summary": "2300517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300517"
},
{
"category": "external",
"summary": "2307862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307862"
},
{
"category": "external",
"summary": "2307865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307865"
},
{
"category": "external",
"summary": "2307892",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307892"
},
{
"category": "external",
"summary": "2309852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309852"
},
{
"category": "external",
"summary": "2309853",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309853"
},
{
"category": "external",
"summary": "2311715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311715"
},
{
"category": "external",
"summary": "2315178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315178"
},
{
"category": "external",
"summary": "2317601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317601"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8870.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2024-11-21T18:37:30+00:00",
"generator": {
"date": "2024-11-21T18:37:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:8870",
"initial_release_date": "2024-11-05T00:54:55+00:00",
"revision_history": [
{
"date": "2024-11-05T00:54:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-05T00:54:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-21T18:37:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux NFV (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux RT (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"product": {
"name": "kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"product_id": "kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.27.1.rt7.368.el8_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_id": "kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.27.1.rt7.368.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-553.27.1.rt7.368.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-553.27.1.rt7.368.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-553.27.1.rt7.368.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-553.27.1.rt7.368.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-553.27.1.rt7.368.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-553.27.1.rt7.368.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-553.27.1.rt7.368.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-553.27.1.rt7.368.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-553.27.1.rt7.368.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-553.27.1.rt7.368.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-553.27.1.rt7.368.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-553.27.1.rt7.368.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-553.27.1.rt7.368.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-553.27.1.rt7.368.el8_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src"
},
"product_reference": "kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src"
},
"product_reference": "kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-48773",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-07-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298109"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create\n\nIf there are failures then we must not leave the non-NULL pointers with\nthe error value, otherwise `rpcrdma_ep_destroy` gets confused and tries\nfree them, resulting in an Oops.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-48773"
},
{
"category": "external",
"summary": "RHBZ#2298109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298109"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-48773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48773"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48773",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48773"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024071628-CVE-2022-48773-9563@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024071628-CVE-2022-48773-9563@gregkh/T"
}
],
"release_date": "2024-07-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create"
},
{
"cve": "CVE-2022-48936",
"discovery_date": "2024-08-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2307192"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngso: do not skip outer ip header in case of ipip and net_failover\n\nWe encounter a tcp drop issue in our cloud environment. Packet GROed in\nhost forwards to a VM virtio_net nic with net_failover enabled. VM acts\nas a IPVS LB with ipip encapsulation. The full path like:\nhost gro -\u003e vm virtio_net rx -\u003e net_failover rx -\u003e ipvs fullnat\n -\u003e ipip encap -\u003e net_failover tx -\u003e virtio_net tx\n\nWhen net_failover transmits a ipip pkt (gso_type = 0x0103, which means\nSKB_GSO_TCPV4, SKB_GSO_DODGY and SKB_GSO_IPXIP4), there is no gso\ndid because it supports TSO and GSO_IPXIP4. But network_header points to\ninner ip header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: gso: do not skip outer ip header in case of ipip and net_failover",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been rejected at upstream - https://lore.kernel.org/linux-cve-announce/2024083059-REJECTED-7912@gregkh/T/",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-48936"
},
{
"category": "external",
"summary": "RHBZ#2307192",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307192"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-48936",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48936"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48936",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48936"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024082224-CVE-2022-48936-9302@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024082224-CVE-2022-48936-9302@gregkh/T"
}
],
"release_date": "2024-08-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: gso: do not skip outer ip header in case of ipip and net_failover"
},
{
"cve": "CVE-2023-52492",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-02-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2269183"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: fix NULL pointer in channel unregistration function\n\n__dma_async_device_channel_register() can fail. In case of failure,\nchan-\u003elocal is freed (with free_percpu()), and chan-\u003elocal is nullified.\nWhen dma_async_device_unregister() is called (because of managed API or\nintentionally by DMA controller driver), channels are unconditionally\nunregistered, leading to this NULL pointer:\n[ 1.318693] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000d0\n[...]\n[ 1.484499] Call trace:\n[ 1.486930] device_del+0x40/0x394\n[ 1.490314] device_unregister+0x20/0x7c\n[ 1.494220] __dma_async_device_channel_unregister+0x68/0xc0\n\nLook at dma_async_device_register() function error path, channel device\nunregistration is done only if chan-\u003elocal is not NULL.\n\nThen add the same condition at the beginning of\n__dma_async_device_channel_unregister() function, to avoid NULL pointer\nissue whatever the API used to reach this function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: dmaengine: fix NULL pointer in channel unregistration function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52492"
},
{
"category": "external",
"summary": "RHBZ#2269183",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269183"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52492",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52492"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-33-lee@kernel.org/T",
"url": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-33-lee@kernel.org/T"
}
],
"release_date": "2024-02-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: dmaengine: fix NULL pointer in channel unregistration function"
},
{
"cve": "CVE-2024-24857",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2024-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2266247"
}
],
"notes": [
{
"category": "description",
"text": "A race condition was found in the Linux kernel\u0027s net/bluetooth device driver within the conn_info_{min,max}_age_set() function. This issue can lead to an integrity overflow issue, potentially disrupting Bluetooth connections or facilitating a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24857"
},
{
"category": "external",
"summary": "RHBZ#2266247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24857"
}
],
"release_date": "2024-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set()"
},
{
"cve": "CVE-2024-26851",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2275750"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the netfilter subsystem of the Linux kernel, specifically in the `nf_conntrack_h323` module. This issue involves inadequate protection for BMP length values, potentially leading to out-of-range conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26851"
},
{
"category": "external",
"summary": "RHBZ#2275750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275750"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26851",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26851"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26851",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26851"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024041723-CVE-2024-26851-4652@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024041723-CVE-2024-26851-4652@gregkh/T"
}
],
"release_date": "2024-04-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range"
},
{
"cve": "CVE-2024-26924",
"cwe": {
"id": "CWE-402",
"name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
},
"discovery_date": "2024-04-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2277168"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: do not free live element\n\nPablo reports a crash with large batches of elements with a\nback-to-back add/remove pattern. Quoting Pablo:\n\n add_elem(\"00000000\") timeout 100 ms\n ...\n add_elem(\"0000000X\") timeout 100 ms\n del_elem(\"0000000X\") \u003c---------------- delete one that was just added\n ...\n add_elem(\"00005000\") timeout 100 ms\n\n 1) nft_pipapo_remove() removes element 0000000X\n Then, KASAN shows a splat.\n\nLooking at the remove function there is a chance that we will drop a\nrule that maps to a non-deactivated element.\n\nRemoval happens in two steps, first we do a lookup for key k and return the\nto-be-removed element and mark it as inactive in the next generation.\nThen, in a second step, the element gets removed from the set/map.\n\nThe _remove function does not work correctly if we have more than one\nelement that share the same key.\n\nThis can happen if we insert an element into a set when the set already\nholds an element with same key, but the element mapping to the existing\nkey has timed out or is not active in the next generation.\n\nIn such case its possible that removal will unmap the wrong element.\nIf this happens, we will leak the non-deactivated element, it becomes\nunreachable.\n\nThe element that got deactivated (and will be freed later) will\nremain reachable in the set data structure, this can result in\na crash when such an element is retrieved during lookup (stale\npointer).\n\nAdd a check that the fully matching key does in fact map to the element\nthat we have marked as inactive in the deactivation step.\nIf not, we need to continue searching.\n\nAdd a bug/warn trap at the end of the function as well, the remove\nfunction must not ever be called with an invisible/unreachable/non-existent\nelement.\n\nv2: avoid uneeded temporary variable (Stefano)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: nft_set_pipapo: do not free live element",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26924"
},
{
"category": "external",
"summary": "RHBZ#2277168",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277168"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26924"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26924",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26924"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024042420-CVE-2024-26924-4d1e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024042420-CVE-2024-26924-4d1e@gregkh/T"
}
],
"release_date": "2024-04-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: netfilter: nft_set_pipapo: do not free live element"
},
{
"cve": "CVE-2024-26976",
"discovery_date": "2024-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278350"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Always flush async #PF workqueue when vCPU is being destroyed\n\nAlways flush the per-vCPU async #PF workqueue when a vCPU is clearing its\ncompletion queue, e.g. when a VM and all its vCPUs is being destroyed.\nKVM must ensure that none of its workqueue callbacks is running when the\nlast reference to the KVM _module_ is put. Gifting a reference to the\nassociated VM prevents the workqueue callback from dereferencing freed\nvCPU/VM memory, but does not prevent the KVM module from being unloaded\nbefore the callback completes.\n\nDrop the misguided VM refcount gifting, as calling kvm_put_kvm() from\nasync_pf_execute() if kvm_put_kvm() flushes the async #PF workqueue will\nresult in deadlock. async_pf_execute() can\u0027t return until kvm_put_kvm()\nfinishes, and kvm_put_kvm() can\u0027t return until async_pf_execute() finishes:\n\n WARNING: CPU: 8 PID: 251 at virt/kvm/kvm_main.c:1435 kvm_put_kvm+0x2d/0x320 [kvm]\n Modules linked in: vhost_net vhost vhost_iotlb tap kvm_intel kvm irqbypass\n CPU: 8 PID: 251 Comm: kworker/8:1 Tainted: G W 6.6.0-rc1-e7af8d17224a-x86/gmem-vm #119\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Workqueue: events async_pf_execute [kvm]\n RIP: 0010:kvm_put_kvm+0x2d/0x320 [kvm]\n Call Trace:\n \u003cTASK\u003e\n async_pf_execute+0x198/0x260 [kvm]\n process_one_work+0x145/0x2d0\n worker_thread+0x27e/0x3a0\n kthread+0xba/0xe0\n ret_from_fork+0x2d/0x50\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n INFO: task kworker/8:1:251 blocked for more than 120 seconds.\n Tainted: G W 6.6.0-rc1-e7af8d17224a-x86/gmem-vm #119\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:kworker/8:1 state:D stack:0 pid:251 ppid:2 flags:0x00004000\n Workqueue: events async_pf_execute [kvm]\n Call Trace:\n \u003cTASK\u003e\n __schedule+0x33f/0xa40\n schedule+0x53/0xc0\n schedule_timeout+0x12a/0x140\n __wait_for_common+0x8d/0x1d0\n __flush_work.isra.0+0x19f/0x2c0\n kvm_clear_async_pf_completion_queue+0x129/0x190 [kvm]\n kvm_arch_destroy_vm+0x78/0x1b0 [kvm]\n kvm_put_kvm+0x1c1/0x320 [kvm]\n async_pf_execute+0x198/0x260 [kvm]\n process_one_work+0x145/0x2d0\n worker_thread+0x27e/0x3a0\n kthread+0xba/0xe0\n ret_from_fork+0x2d/0x50\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nIf kvm_clear_async_pf_completion_queue() actually flushes the workqueue,\nthen there\u0027s no need to gift async_pf_execute() a reference because all\ninvocations of async_pf_execute() will be forced to complete before the\nvCPU and its VM are destroyed/freed. And that in turn fixes the module\nunloading bug as __fput() won\u0027t do module_put() on the last vCPU reference\nuntil the vCPU has been freed, e.g. if closing the vCPU file also puts the\nlast reference to the KVM module.\n\nNote that kvm_check_async_pf_completion() may also take the work item off\nthe completion queue and so also needs to flush the work queue, as the\nwork will not be seen by kvm_clear_async_pf_completion_queue(). Waiting\non the workqueue could theoretically delay a vCPU due to waiting for the\nwork to complete, but that\u0027s a very, very small chance, and likely a very\nsmall delay. kvm_arch_async_page_present_queued() unconditionally makes a\nnew request, i.e. will effectively delay entering the guest, so the\nremaining work is really just:\n\n trace_kvm_async_pf_completed(addr, cr2_or_gpa);\n\n __kvm_vcpu_wake_up(vcpu);\n\n mmput(mm);\n\nand mmput() can\u0027t drop the last reference to the page tables if the vCPU is\nstill alive, i.e. the vCPU won\u0027t get stuck tearing down page tables.\n\nAdd a helper to do the flushing, specifically to deal with \"wakeup all\"\nwork items, as they aren\u0027t actually work items, i.e. are never placed in a\nworkqueue. Trying to flush a bogus workqueue entry rightly makes\n__flush_work() complain (kudos to whoever added that sanity check).\n\nNote, commit 5f6de5cbebee (\"KVM: Prevent module exit until al\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26976"
},
{
"category": "external",
"summary": "RHBZ#2278350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278350"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26976"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-26976-60d4@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024050133-CVE-2024-26976-60d4@gregkh/T"
}
],
"release_date": "2024-05-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed"
},
{
"cve": "CVE-2024-27017",
"discovery_date": "2024-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278262"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: walk over current view on netlink dump\n\nThe generation mask can be updated while netlink dump is in progress.\nThe pipapo set backend walk iterator cannot rely on it to infer what\nview of the datastructure is to be used. Add notation to specify if user\nwants to read/update the set.\n\nBased on patch from Florian Westphal.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-27017"
},
{
"category": "external",
"summary": "RHBZ#2278262",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278262"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-27017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27017"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27017",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27017"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024050150-CVE-2024-27017-d867@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024050150-CVE-2024-27017-d867@gregkh/T"
}
],
"release_date": "2024-05-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump"
},
{
"cve": "CVE-2024-27062",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2024-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278387"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the nouveau module in the Linux kernel. A missing resource lock can cause a race condition and trigger a general protection fault, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: nouveau: lock the client object tree.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-27062"
},
{
"category": "external",
"summary": "RHBZ#2278387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278387"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-27062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27062"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27062",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27062"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-27062-3291@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-27062-3291@gregkh/T"
}
],
"release_date": "2024-05-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: nouveau: lock the client object tree."
},
{
"cve": "CVE-2024-35839",
"discovery_date": "2024-05-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2281284"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: bridge: replace physindev with physinif in nf_bridge_info\n\nAn skb can be added to a neigh-\u003earp_queue while waiting for an arp\nreply. Where original skb\u0027s skb-\u003edev can be different to neigh\u0027s\nneigh-\u003edev. For instance in case of bridging dnated skb from one veth to\nanother, the skb would be added to a neigh-\u003earp_queue of the bridge.\n\nAs skb-\u003edev can be reset back to nf_bridge-\u003ephysindev and used, and as\nthere is no explicit mechanism that prevents this physindev from been\nfreed under us (for instance neigh_flush_dev doesn\u0027t cleanup skbs from\ndifferent device\u0027s neigh queue) we can crash on e.g. this stack:\n\narp_process\n neigh_update\n skb = __skb_dequeue(\u0026neigh-\u003earp_queue)\n neigh_resolve_output(..., skb)\n ...\n br_nf_dev_xmit\n br_nf_pre_routing_finish_bridge_slow\n skb-\u003edev = nf_bridge-\u003ephysindev\n br_handle_frame_finish\n\nLet\u0027s use plain ifindex instead of net_device link. To peek into the\noriginal net_device we will use dev_get_by_index_rcu(). Thus either we\nget device and are safe to use it or we don\u0027t get it and drop skb.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: bridge: replace physindev with physinif in nf_bridge_info",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-35839"
},
{
"category": "external",
"summary": "RHBZ#2281284",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281284"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-35839",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35839"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35839",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35839"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024051756-CVE-2024-35839-4194@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024051756-CVE-2024-35839-4194@gregkh/T"
}
],
"release_date": "2024-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: bridge: replace physindev with physinif in nf_bridge_info"
},
{
"cve": "CVE-2024-35898",
"discovery_date": "2024-05-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2281669"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()\n\nnft_unregister_flowtable_type() within nf_flow_inet_module_exit() can\nconcurrent with __nft_flowtable_type_get() within nf_tables_newflowtable().\nAnd thhere is not any protection when iterate over nf_tables_flowtables\nlist in __nft_flowtable_type_get(). Therefore, there is pertential\ndata-race of nf_tables_flowtables list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_flowtables list\nin __nft_flowtable_type_get(), and use rcu_read_lock() in the caller\nnft_flowtable_type_get() to protect the entire type query process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-35898"
},
{
"category": "external",
"summary": "RHBZ#2281669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281669"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-35898",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35898"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35898",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35898"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35898-a10e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35898-a10e@gregkh/T"
}
],
"release_date": "2024-05-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()"
},
{
"cve": "CVE-2024-35939",
"discovery_date": "2024-05-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2281817"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-direct: Leak pages on dma_set_decrypted() failure\n\nOn TDX it is possible for the untrusted host to cause\nset_memory_encrypted() or set_memory_decrypted() to fail such that an\nerror is returned and the resulting memory is shared. Callers need to\ntake care to handle these errors to avoid returning decrypted (shared)\nmemory to the page allocator, which could lead to functional or security\nissues.\n\nDMA could free decrypted/shared pages if dma_set_decrypted() fails. This\nshould be a rare case. Just leak the pages in this case instead of\nfreeing them.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: dma-direct: Leak pages on dma_set_decrypted() failure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-35939"
},
{
"category": "external",
"summary": "RHBZ#2281817",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281817"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35939"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35939",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35939"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024051919-CVE-2024-35939-f877@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024051919-CVE-2024-35939-f877@gregkh/T"
}
],
"release_date": "2024-05-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: dma-direct: Leak pages on dma_set_decrypted() failure"
},
{
"cve": "CVE-2024-38540",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293459"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq\n\nUndefined behavior is triggered when bnxt_qplib_alloc_init_hwq is called\nwith hwq_attr-\u003eaux_depth != 0 and hwq_attr-\u003eaux_stride == 0.\nIn that case, \"roundup_pow_of_two(hwq_attr-\u003eaux_stride)\" gets called.\nroundup_pow_of_two is documented as undefined for 0.\n\nFix it in the one caller that had this combination.\n\nThe undefined behavior was detected by UBSAN:\n UBSAN: shift-out-of-bounds in ./include/linux/log2.h:57:13\n shift exponent 64 is too large for 64-bit type \u0027long unsigned int\u0027\n CPU: 24 PID: 1075 Comm: (udev-worker) Not tainted 6.9.0-rc6+ #4\n Hardware name: Abacus electric, s.r.o. - servis@abacus.cz Super Server/H12SSW-iN, BIOS 2.7 10/25/2023\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ubsan_epilogue+0x5/0x30\n __ubsan_handle_shift_out_of_bounds.cold+0x61/0xec\n __roundup_pow_of_two+0x25/0x35 [bnxt_re]\n bnxt_qplib_alloc_init_hwq+0xa1/0x470 [bnxt_re]\n bnxt_qplib_create_qp+0x19e/0x840 [bnxt_re]\n bnxt_re_create_qp+0x9b1/0xcd0 [bnxt_re]\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? __kmalloc+0x1b6/0x4f0\n ? create_qp.part.0+0x128/0x1c0 [ib_core]\n ? __pfx_bnxt_re_create_qp+0x10/0x10 [bnxt_re]\n create_qp.part.0+0x128/0x1c0 [ib_core]\n ib_create_qp_kernel+0x50/0xd0 [ib_core]\n create_mad_qp+0x8e/0xe0 [ib_core]\n ? __pfx_qp_event_handler+0x10/0x10 [ib_core]\n ib_mad_init_device+0x2be/0x680 [ib_core]\n add_client_context+0x10d/0x1a0 [ib_core]\n enable_device_and_get+0xe0/0x1d0 [ib_core]\n ib_register_device+0x53c/0x630 [ib_core]\n ? srso_alias_return_thunk+0x5/0xfbef5\n bnxt_re_probe+0xbd8/0xe50 [bnxt_re]\n ? __pfx_bnxt_re_probe+0x10/0x10 [bnxt_re]\n auxiliary_bus_probe+0x49/0x80\n ? driver_sysfs_add+0x57/0xc0\n really_probe+0xde/0x340\n ? pm_runtime_barrier+0x54/0x90\n ? __pfx___driver_attach+0x10/0x10\n __driver_probe_device+0x78/0x110\n driver_probe_device+0x1f/0xa0\n __driver_attach+0xba/0x1c0\n bus_for_each_dev+0x8f/0xe0\n bus_add_driver+0x146/0x220\n driver_register+0x72/0xd0\n __auxiliary_driver_register+0x6e/0xd0\n ? __pfx_bnxt_re_mod_init+0x10/0x10 [bnxt_re]\n bnxt_re_mod_init+0x3e/0xff0 [bnxt_re]\n ? __pfx_bnxt_re_mod_init+0x10/0x10 [bnxt_re]\n do_one_initcall+0x5b/0x310\n do_init_module+0x90/0x250\n init_module_from_file+0x86/0xc0\n idempotent_init_module+0x121/0x2b0\n __x64_sys_finit_module+0x5e/0xb0\n do_syscall_64+0x82/0x160\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? syscall_exit_to_user_mode_prepare+0x149/0x170\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? syscall_exit_to_user_mode+0x75/0x230\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? do_syscall_64+0x8e/0x160\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? __count_memcg_events+0x69/0x100\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? count_memcg_events.constprop.0+0x1a/0x30\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? handle_mm_fault+0x1f0/0x300\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? do_user_addr_fault+0x34e/0x640\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? srso_alias_return_thunk+0x5/0xfbef5\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f4e5132821d\n Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d e3 db 0c 00 f7 d8 64 89 01 48\n RSP: 002b:00007ffca9c906a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139\n RAX: ffffffffffffffda RBX: 0000563ec8a8f130 RCX: 00007f4e5132821d\n RDX: 0000000000000000 RSI: 00007f4e518fa07d RDI: 000000000000003b\n RBP: 00007ffca9c90760 R08: 00007f4e513f6b20 R09: 00007ffca9c906f0\n R10: 0000563ec8a8faa0 R11: 0000000000000246 R12: 00007f4e518fa07d\n R13: 0000000000020000 R14: 0000563ec8409e90 R15: 0000563ec8a8fa60\n \u003c/TASK\u003e\n ---[ end trace ]---",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38540"
},
{
"category": "external",
"summary": "RHBZ#2293459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293459"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38540",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38540"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024061947-CVE-2024-38540-1d0a@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024061947-CVE-2024-38540-1d0a@gregkh/T"
}
],
"release_date": "2024-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq"
},
{
"cve": "CVE-2024-38541",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293458"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow flaw was found in of_modalias() in the Linux kernel, occurring after the first snprintf() call. This issue could result in loss of availability of the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: of: module: add buffer overflow check in of_modalias()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38541"
},
{
"category": "external",
"summary": "RHBZ#2293458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38541",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38541"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024061948-CVE-2024-38541-53d0@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024061948-CVE-2024-38541-53d0@gregkh/T"
}
],
"release_date": "2024-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: of: module: add buffer overflow check in of_modalias()"
},
{
"cve": "CVE-2024-38586",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293402"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nr8169: Fix possible ring buffer corruption on fragmented Tx packets.\n\nAn issue was found on the RTL8125b when transmitting small fragmented\npackets, whereby invalid entries were inserted into the transmit ring\nbuffer, subsequently leading to calls to dma_unmap_single() with a null\naddress.\n\nThis was caused by rtl8169_start_xmit() not noticing changes to nr_frags\nwhich may occur when small packets are padded (to work around hardware\nquirks) in rtl8169_tso_csum_v2().\n\nTo fix this, postpone inspecting nr_frags until after any padding has been\napplied.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38586"
},
{
"category": "external",
"summary": "RHBZ#2293402",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293402"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38586",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38586"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024061949-CVE-2024-38586-70d6@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024061949-CVE-2024-38586-70d6@gregkh/T"
}
],
"release_date": "2024-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets."
},
{
"cve": "CVE-2024-38608",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293356"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix netif state handling\n\nmlx5e_suspend cleans resources only if netif_device_present() returns\ntrue. However, mlx5e_resume changes the state of netif, via\nmlx5e_nic_enable, only if reg_state == NETREG_REGISTERED.\nIn the below case, the above leads to NULL-ptr Oops[1] and memory\nleaks:\n\nmlx5e_probe\n _mlx5e_resume\n mlx5e_attach_netdev\n mlx5e_nic_enable \u003c-- netdev not reg, not calling netif_device_attach()\n register_netdev \u003c-- failed for some reason.\nERROR_FLOW:\n _mlx5e_suspend \u003c-- netif_device_present return false, resources aren\u0027t freed :(\n\nHence, clean resources in this case as well.\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: 0010 [#1] SMP\nCPU: 2 PID: 9345 Comm: test-ovs-ct-gen Not tainted 6.5.0_for_upstream_min_debug_2023_09_05_16_01 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at0xffffffffffffffd6.\nRSP: 0018:ffff888178aaf758 EFLAGS: 00010246\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x14c/0x3c0\n ? exc_page_fault+0x75/0x140\n ? asm_exc_page_fault+0x22/0x30\n notifier_call_chain+0x35/0xb0\n blocking_notifier_call_chain+0x3d/0x60\n mlx5_blocking_notifier_call_chain+0x22/0x30 [mlx5_core]\n mlx5_core_uplink_netdev_event_replay+0x3e/0x60 [mlx5_core]\n mlx5_mdev_netdev_track+0x53/0x60 [mlx5_ib]\n mlx5_ib_roce_init+0xc3/0x340 [mlx5_ib]\n __mlx5_ib_add+0x34/0xd0 [mlx5_ib]\n mlx5r_probe+0xe1/0x210 [mlx5_ib]\n ? auxiliary_match_id+0x6a/0x90\n auxiliary_bus_probe+0x38/0x80\n ? driver_sysfs_add+0x51/0x80\n really_probe+0xc9/0x3e0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n bus_probe_device+0x86/0xa0\n device_add+0x637/0x840\n __auxiliary_device_add+0x3b/0xa0\n add_adev+0xc9/0x140 [mlx5_core]\n mlx5_rescan_drivers_locked+0x22a/0x310 [mlx5_core]\n mlx5_register_device+0x53/0xa0 [mlx5_core]\n mlx5_init_one_devl_locked+0x5c4/0x9c0 [mlx5_core]\n mlx5_init_one+0x3b/0x60 [mlx5_core]\n probe_one+0x44c/0x730 [mlx5_core]\n local_pci_probe+0x3e/0x90\n pci_device_probe+0xbf/0x210\n ? kernfs_create_link+0x5d/0xa0\n ? sysfs_do_create_link_sd+0x60/0xc0\n really_probe+0xc9/0x3e0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n pci_bus_add_device+0x54/0x80\n pci_iov_add_virtfn+0x2e6/0x320\n sriov_enable+0x208/0x420\n mlx5_core_sriov_configure+0x9e/0x200 [mlx5_core]\n sriov_numvfs_store+0xae/0x1a0\n kernfs_fop_write_iter+0x10c/0x1a0\n vfs_write+0x291/0x3c0\n ksys_write+0x5f/0xe0\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n CR2: 0000000000000000\n ---[ end trace 0000000000000000 ]---",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/mlx5e: Fix netif state handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as low severity, as it requires specific conditions in network interface setup and does not compromise confidentiality or integrity. Its impact is restricted to potential stability issues under rare circumstances.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38608"
},
{
"category": "external",
"summary": "RHBZ#2293356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38608"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38608",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38608"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024061920-CVE-2024-38608-4068@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024061920-CVE-2024-38608-4068@gregkh/T"
}
],
"release_date": "2024-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: net/mlx5e: Fix netif state handling"
},
{
"cve": "CVE-2024-39503",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2024-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2297475"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: Fix race between namespace cleanup and gc in the list:set type\n\nLion Ackermann reported that there is a race condition between namespace cleanup\nin ipset and the garbage collection of the list:set type. The namespace\ncleanup can destroy the list:set type of sets while the gc of the set type is\nwaiting to run in rcu cleanup. The latter uses data from the destroyed set which\nthus leads use after free. The patch contains the following parts:\n\n- When destroying all sets, first remove the garbage collectors, then wait\n if needed and then destroy the sets.\n- Fix the badly ordered \"wait then remove gc\" for the destroy a single set\n case.\n- Fix the missing rcu locking in the list:set type in the userspace test\n case.\n- Use proper RCU list handlings in the list:set type.\n\nThe patch depends on c1193d9bbbd3 (netfilter: ipset: Add list flush to cancel_gc).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Only local users with `CAP_NET_ADMIN` capability (or root) can trigger this issue. \nOn Red Hat Enterprise Linux, local unprivileged users can exploit unprivileged user namespaces (CONFIG_USER_NS) to grant themselves this capability.\n\nThe OpenShift Container Platform (OCP) control planes or master machines are based on Red Hat Enterprise Linux CoreOS (RHCOS) that consists primarily of RHEL components, hence is also affected by this kernel vulnerability. Like it is mentioned earlier, the successful exploit needs necessary privileges (CAP_NET_ADMIN) and direct, local access . Local user in RHCOS is already a root with full permissions, hence existence of this vulnerability does not bring any value from the potential attacker perspective. From the OpenShift containers perspective, this vulnerability cannot be exploited as in OpenShift the cluster processes on the node are namespaced, which means that switching in the running OpenShift container the namespace will not bring necessary capabilities.\nThis means that for OpenShift, the impact of this vulnerability is Low.\nSimilar to CVE-2023-32233 vulnerability has been explained in the following blog post as an example of \"Container escape vulnerability\":\nhttps://www.redhat.com/en/blog/containers-vulnerability-risk-assessment",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39503"
},
{
"category": "external",
"summary": "RHBZ#2297475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297475"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39503",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39503"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024071204-CVE-2024-39503-e604@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024071204-CVE-2024-39503-e604@gregkh/T"
}
],
"release_date": "2024-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
},
{
"category": "workaround",
"details": "1. This flaw can be mitigated by preventing the affected netfilter (nf_tables) kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.\n\n2. If the module cannot be disabled, on non-containerized deployments of Red Hat Enterprise Linux, the mitigation is to disable user namespaces:\n```\n# echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf\n```\nOn containerized deployments, such as Red Hat OpenShift Container Platform, do not use the second mitigation (disabling user namespaces) as the functionality is needed to be enabled. The first mitigation (blacklisting nf_tables) is still viable for containerized deployments, providing the environment is not using netfilter.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type"
},
{
"cve": "CVE-2024-40924",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"discovery_date": "2024-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2297508"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/dpt: Make DPT object unshrinkable\n\nIn some scenarios, the DPT object gets shrunk but\nthe actual framebuffer did not and thus its still\nthere on the DPT\u0027s vm-\u003ebound_list. Then it tries to\nrewrite the PTEs via a stale CPU mapping. This causes panic.\n\n[vsyrjala: Add TODO comment]\n(cherry picked from commit 51064d471c53dcc8eddd2333c3f1c1d9131ba36c)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm/i915/dpt: Make DPT object unshrinkable",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-40924"
},
{
"category": "external",
"summary": "RHBZ#2297508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297508"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-40924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40924"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-40924",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40924"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024071213-CVE-2024-40924-9b9b@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024071213-CVE-2024-40924-9b9b@gregkh/T"
}
],
"release_date": "2024-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: drm/i915/dpt: Make DPT object unshrinkable"
},
{
"cve": "CVE-2024-40961",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2297545"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible NULL deref in fib6_nh_init()\n\nsyzbot reminds us that in6_dev_get() can return NULL.\n\nfib6_nh_init()\n ip6_validate_gw( \u0026idev )\n ip6_route_check_nh( idev )\n *idev = in6_dev_get(dev); // can be NULL\n\nOops: general protection fault, probably for non-canonical address 0xdffffc00000000bc: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x00000000000005e0-0x00000000000005e7]\nCPU: 0 PID: 11237 Comm: syz-executor.3 Not tainted 6.10.0-rc2-syzkaller-00249-gbe27b8965297 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024\n RIP: 0010:fib6_nh_init+0x640/0x2160 net/ipv6/route.c:3606\nCode: 00 00 fc ff df 4c 8b 64 24 58 48 8b 44 24 28 4c 8b 74 24 30 48 89 c1 48 89 44 24 28 48 8d 98 e0 05 00 00 48 89 d8 48 c1 e8 03 \u003c42\u003e 0f b6 04 38 84 c0 0f 85 b3 17 00 00 8b 1b 31 ff 89 de e8 b8 8b\nRSP: 0018:ffffc900032775a0 EFLAGS: 00010202\nRAX: 00000000000000bc RBX: 00000000000005e0 RCX: 0000000000000000\nRDX: 0000000000000010 RSI: ffffc90003277a54 RDI: ffff88802b3a08d8\nRBP: ffffc900032778b0 R08: 00000000000002fc R09: 0000000000000000\nR10: 00000000000002fc R11: 0000000000000000 R12: ffff88802b3a08b8\nR13: 1ffff9200064eec8 R14: ffffc90003277a00 R15: dffffc0000000000\nFS: 00007f940feb06c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000000 CR3: 00000000245e8000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ip6_route_info_create+0x99e/0x12b0 net/ipv6/route.c:3809\n ip6_route_add+0x28/0x160 net/ipv6/route.c:3853\n ipv6_route_ioctl+0x588/0x870 net/ipv6/route.c:4483\n inet6_ioctl+0x21a/0x280 net/ipv6/af_inet6.c:579\n sock_do_ioctl+0x158/0x460 net/socket.c:1222\n sock_ioctl+0x629/0x8e0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f940f07cea9",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ipv6: prevent possible NULL deref in fib6_nh_init()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-40961"
},
{
"category": "external",
"summary": "RHBZ#2297545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297545"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-40961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40961"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-40961",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40961"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024071225-CVE-2024-40961-19bd@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024071225-CVE-2024-40961-19bd@gregkh/T"
}
],
"release_date": "2024-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ipv6: prevent possible NULL deref in fib6_nh_init()"
},
{
"cve": "CVE-2024-40983",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"discovery_date": "2024-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2297567"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: force a dst refcount before doing decryption\n\nAs it says in commit 3bc07321ccc2 (\"xfrm: Force a dst refcount before\nentering the xfrm type handlers\"):\n\n\"Crypto requests might return asynchronous. In this case we leave the\n rcu protected region, so force a refcount on the skb\u0027s destination\n entry before we enter the xfrm type input/output handlers.\"\n\nOn TIPC decryption path it has the same problem, and skb_dst_force()\nshould be called before doing decryption to avoid a possible crash.\n\nShuang reported this issue when this warning is triggered:\n\n [] WARNING: include/net/dst.h:337 tipc_sk_rcv+0x1055/0x1ea0 [tipc]\n [] Kdump: loaded Tainted: G W --------- - - 4.18.0-496.el8.x86_64+debug\n [] Workqueue: crypto cryptd_queue_worker\n [] RIP: 0010:tipc_sk_rcv+0x1055/0x1ea0 [tipc]\n [] Call Trace:\n [] tipc_sk_mcast_rcv+0x548/0xea0 [tipc]\n [] tipc_rcv+0xcf5/0x1060 [tipc]\n [] tipc_aead_decrypt_done+0x215/0x2e0 [tipc]\n [] cryptd_aead_crypt+0xdb/0x190\n [] cryptd_queue_worker+0xed/0x190\n [] process_one_work+0x93d/0x17e0",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: tipc: force a dst refcount before doing decryption",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-40983"
},
{
"category": "external",
"summary": "RHBZ#2297567",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297567"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-40983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40983"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-40983",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40983"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024071201-CVE-2024-40983-e1b1@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024071201-CVE-2024-40983-e1b1@gregkh/T"
}
],
"release_date": "2024-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: tipc: force a dst refcount before doing decryption"
},
{
"cve": "CVE-2024-40984",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2297568"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Revert \"ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\"\n\nUndo the modifications made in commit d410ee5109a1 (\"ACPICA: avoid\n\"Info: mapping multiple BARs. Your kernel is fine.\"\"). The initial\npurpose of this commit was to stop memory mappings for operation\nregions from overlapping page boundaries, as it can trigger warnings\nif different page attributes are present.\n\nHowever, it was found that when this situation arises, mapping\ncontinues until the boundary\u0027s end, but there is still an attempt to\nread/write the entire length of the map, leading to a NULL pointer\ndeference. For example, if a four-byte mapping request is made but\nonly one byte is mapped because it hits the current page boundary\u0027s\nend, a four-byte read/write attempt is still made, resulting in a NULL\npointer deference.\n\nInstead, map the entire length, as the ACPI specification does not\nmandate that it must be within the same page boundary. It is\npermissible for it to be mapped across different regions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ACPICA: Revert \u0026#34;ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\u0026#34;",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-40984"
},
{
"category": "external",
"summary": "RHBZ#2297568",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297568"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-40984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40984"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-40984",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40984"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024071201-CVE-2024-40984-66b2@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024071201-CVE-2024-40984-66b2@gregkh/T"
}
],
"release_date": "2024-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ACPICA: Revert \u0026#34;ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\u0026#34;"
},
{
"cve": "CVE-2024-41009",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2024-07-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298412"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds memory access flaw was found in the Linux kernel\u2019s BPF subsystem. This flaw allows a local user to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: bpf: Fix overrunning reservations in ringbuf",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41009"
},
{
"category": "external",
"summary": "RHBZ#2298412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41009"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41009",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41009"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024071715-CVE-2024-41009-cac5@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024071715-CVE-2024-41009-cac5@gregkh/T"
}
],
"release_date": "2024-07-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: bpf: Fix overrunning reservations in ringbuf"
},
{
"cve": "CVE-2024-41042",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2024-07-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2300412"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: prefer nft_chain_validate\n\nnft_chain_validate already performs loop detection because a cycle will\nresult in a call stack overflow (ctx-\u003elevel \u003e= NFT_JUMP_STACK_SIZE).\n\nIt also follows maps via -\u003evalidate callback in nft_lookup, so there\nappears no reason to iterate the maps again.\n\nnf_tables_check_loops() and all its helper functions can be removed.\nThis improves ruleset load time significantly, from 23s down to 12s.\n\nThis also fixes a crash bug. Old loop detection code can result in\nunbounded recursion:\n\nBUG: TASK stack guard page was hit at ....\nOops: stack guard page: 0000 [#1] PREEMPT SMP KASAN\nCPU: 4 PID: 1539 Comm: nft Not tainted 6.10.0-rc5+ #1\n[..]\n\nwith a suitable ruleset during validation of register stores.\n\nI can\u0027t see any actual reason to attempt to check for this from\nnft_validate_register_store(), at this point the transaction is still in\nprogress, so we don\u0027t have a full picture of the rule graph.\n\nFor nf-next it might make sense to either remove it or make this depend\non table-\u003evalidate_state in case we could catch an error earlier\n(for improved error reporting to userspace).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: nf_tables: prefer nft_chain_validate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41042"
},
{
"category": "external",
"summary": "RHBZ#2300412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41042"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024072924-CVE-2024-41042-c338@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024072924-CVE-2024-41042-c338@gregkh/T"
}
],
"release_date": "2024-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: netfilter: nf_tables: prefer nft_chain_validate"
},
{
"cve": "CVE-2024-41066",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-07-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2300442"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Add tx check to prevent skb leak\n\nBelow is a summary of how the driver stores a reference to an skb during\ntransmit:\n tx_buff[free_map[consumer_index]]-\u003eskb = new_skb;\n free_map[consumer_index] = IBMVNIC_INVALID_MAP;\n consumer_index ++;\nWhere variable data looks like this:\n free_map == [4, IBMVNIC_INVALID_MAP, IBMVNIC_INVALID_MAP, 0, 3]\n \tconsumer_index^\n tx_buff == [skb=null, skb=\u003cptr\u003e, skb=\u003cptr\u003e, skb=null, skb=null]\n\nThe driver has checks to ensure that free_map[consumer_index] pointed to\na valid index but there was no check to ensure that this index pointed\nto an unused/null skb address. So, if, by some chance, our free_map and\ntx_buff lists become out of sync then we were previously risking an\nskb memory leak. This could then cause tcp congestion control to stop\nsending packets, eventually leading to ETIMEDOUT.\n\nTherefore, add a conditional to ensure that the skb address is null. If\nnot then warn the user (because this is still a bug that should be\npatched) and free the old pointer to prevent memleak/tcp problems.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ibmvnic: Add tx check to prevent skb leak",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41066"
},
{
"category": "external",
"summary": "RHBZ#2300442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300442"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41066",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41066"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41066",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41066"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024072907-CVE-2024-41066-0a52@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024072907-CVE-2024-41066-0a52@gregkh/T"
}
],
"release_date": "2024-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module ibmvnic from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: ibmvnic: Add tx check to prevent skb leak"
},
{
"cve": "CVE-2024-41092",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2024-07-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2300487"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gt: Fix potential UAF by revoke of fence registers\n\nCI has been sporadically reporting the following issue triggered by\nigt@i915_selftest@live@hangcheck on ADL-P and similar machines:\n\n\u003c6\u003e [414.049203] i915: Running intel_hangcheck_live_selftests/igt_reset_evict_fence\n...\n\u003c6\u003e [414.068804] i915 0000:00:02.0: [drm] GT0: GUC: submission enabled\n\u003c6\u003e [414.068812] i915 0000:00:02.0: [drm] GT0: GUC: SLPC enabled\n\u003c3\u003e [414.070354] Unable to pin Y-tiled fence; err:-4\n\u003c3\u003e [414.071282] i915_vma_revoke_fence:301 GEM_BUG_ON(!i915_active_is_idle(\u0026fence-\u003eactive))\n...\n\u003c4\u003e[ 609.603992] ------------[ cut here ]------------\n\u003c2\u003e[ 609.603995] kernel BUG at drivers/gpu/drm/i915/gt/intel_ggtt_fencing.c:301!\n\u003c4\u003e[ 609.604003] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n\u003c4\u003e[ 609.604006] CPU: 0 PID: 268 Comm: kworker/u64:3 Tainted: G U W 6.9.0-CI_DRM_14785-g1ba62f8cea9c+ #1\n\u003c4\u003e[ 609.604008] Hardware name: Intel Corporation Alder Lake Client Platform/AlderLake-P DDR4 RVP, BIOS RPLPFWI1.R00.4035.A00.2301200723 01/20/2023\n\u003c4\u003e[ 609.604010] Workqueue: i915 __i915_gem_free_work [i915]\n\u003c4\u003e[ 609.604149] RIP: 0010:i915_vma_revoke_fence+0x187/0x1f0 [i915]\n...\n\u003c4\u003e[ 609.604271] Call Trace:\n\u003c4\u003e[ 609.604273] \u003cTASK\u003e\n...\n\u003c4\u003e[ 609.604716] __i915_vma_evict+0x2e9/0x550 [i915]\n\u003c4\u003e[ 609.604852] __i915_vma_unbind+0x7c/0x160 [i915]\n\u003c4\u003e[ 609.604977] force_unbind+0x24/0xa0 [i915]\n\u003c4\u003e[ 609.605098] i915_vma_destroy+0x2f/0xa0 [i915]\n\u003c4\u003e[ 609.605210] __i915_gem_object_pages_fini+0x51/0x2f0 [i915]\n\u003c4\u003e[ 609.605330] __i915_gem_free_objects.isra.0+0x6a/0xc0 [i915]\n\u003c4\u003e[ 609.605440] process_scheduled_works+0x351/0x690\n...\n\nIn the past, there were similar failures reported by CI from other IGT\ntests, observed on other platforms.\n\nBefore commit 63baf4f3d587 (\"drm/i915/gt: Only wait for GPU activity\nbefore unbinding a GGTT fence\"), i915_vma_revoke_fence() was waiting for\nidleness of vma-\u003eactive via fence_update(). That commit introduced\nvma-\u003efence-\u003eactive in order for the fence_update() to be able to wait\nselectively on that one instead of vma-\u003eactive since only idleness of\nfence registers was needed. But then, another commit 0d86ee35097a\n(\"drm/i915/gt: Make fence revocation unequivocal\") replaced the call to\nfence_update() in i915_vma_revoke_fence() with only fence_write(), and\nalso added that GEM_BUG_ON(!i915_active_is_idle(\u0026fence-\u003eactive)) in front.\nNo justification was provided on why we might then expect idleness of\nvma-\u003efence-\u003eactive without first waiting on it.\n\nThe issue can be potentially caused by a race among revocation of fence\nregisters on one side and sequential execution of signal callbacks invoked\non completion of a request that was using them on the other, still\nprocessed in parallel to revocation of those fence registers. Fix it by\nwaiting for idleness of vma-\u003efence-\u003eactive in i915_vma_revoke_fence().\n\n(cherry picked from commit 24bb052d3dd499c5956abad5f7d8e4fd07da7fb1)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41092"
},
{
"category": "external",
"summary": "RHBZ#2300487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300487"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41092",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41092"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41092",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41092"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024072953-CVE-2024-41092-8bd7@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024072953-CVE-2024-41092-8bd7@gregkh/T"
}
],
"release_date": "2024-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers"
},
{
"cve": "CVE-2024-41093",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-07-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2300488"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: avoid using null object of framebuffer\n\nInstead of using state-\u003efb-\u003eobj[0] directly, get object from framebuffer\nby calling drm_gem_fb_get_obj() and return error code when object is\nnull to avoid using null object of framebuffer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm/amdgpu: avoid using null object of framebuffer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41093"
},
{
"category": "external",
"summary": "RHBZ#2300488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300488"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41093"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41093",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41093"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024072953-CVE-2024-41093-9d6c@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024072953-CVE-2024-41093-9d6c@gregkh/T"
}
],
"release_date": "2024-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: drm/amdgpu: avoid using null object of framebuffer"
},
{
"cve": "CVE-2024-42070",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-07-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2300508"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers\n\nregister store validation for NFT_DATA_VALUE is conditional, however,\nthe datatype is always either NFT_DATA_VALUE or NFT_DATA_VERDICT. This\nonly requires a new helper function to infer the register type from the\nset datatype so this conditional check can be removed. Otherwise,\npointer to chain object can be leaked through the registers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42070"
},
{
"category": "external",
"summary": "RHBZ#2300508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300508"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42070"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42070",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42070"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024072952-CVE-2024-42070-b271@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024072952-CVE-2024-42070-b271@gregkh/T"
}
],
"release_date": "2024-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers"
},
{
"cve": "CVE-2024-42079",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-07-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2300517"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix NULL pointer dereference in gfs2_log_flush\n\nIn gfs2_jindex_free(), set sdp-\u003esd_jdesc to NULL under the log flush\nlock to provide exclusion against gfs2_log_flush().\n\nIn gfs2_log_flush(), check if sdp-\u003esd_jdesc is non-NULL before\ndereferencing it. Otherwise, we could run into a NULL pointer\ndereference when outstanding glock work races with an unmount\n(glock_work_func -\u003e run_queue -\u003e do_xmote -\u003e inode_go_sync -\u003e\ngfs2_log_flush).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42079"
},
{
"category": "external",
"summary": "RHBZ#2300517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300517"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42079"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42079",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42079"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024072955-CVE-2024-42079-a13c@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024072955-CVE-2024-42079-a13c@gregkh/T"
}
],
"release_date": "2024-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush"
},
{
"cve": "CVE-2024-42244",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"discovery_date": "2024-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2303512"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: mos7840: fix crash on resume\n\nSince commit c49cfa917025 (\"USB: serial: use generic method if no\nalternative is provided in usb serial layer\"), USB serial core calls the\ngeneric resume implementation when the driver has not provided one.\n\nThis can trigger a crash on resume with mos7840 since support for\nmultiple read URBs was added back in 2011. Specifically, both port read\nURBs are now submitted on resume for open ports, but the context pointer\nof the second URB is left set to the core rather than mos7840 port\nstructure.\n\nFix this by implementing dedicated suspend and resume functions for\nmos7840.\n\nTested with Delock 87414 USB 2.0 to 4x serial adapter.\n\n[ johan: analyse crash and rewrite commit message; set busy flag on\n resume; drop bulk-in check; drop unnecessary usb_kill_urb() ]",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: USB: serial: mos7840: fix crash on resume",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42244"
},
{
"category": "external",
"summary": "RHBZ#2303512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42244"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42244",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42244"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024080741-CVE-2024-42244-2346@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024080741-CVE-2024-42244-2346@gregkh/T"
}
],
"release_date": "2024-08-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: USB: serial: mos7840: fix crash on resume"
},
{
"cve": "CVE-2024-42284",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"discovery_date": "2024-08-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2305429"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Return non-zero value from tipc_udp_addr2str() on error\n\ntipc_udp_addr2str() should return non-zero value if the UDP media\naddress is invalid. Otherwise, a buffer overflow access can occur in\ntipc_media_addr_printf(). Fix this by returning 1 on an invalid UDP\nmedia address.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42284"
},
{
"category": "external",
"summary": "RHBZ#2305429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42284"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024081743-CVE-2024-42284-bbfa@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024081743-CVE-2024-42284-bbfa@gregkh/T"
}
],
"release_date": "2024-08-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error"
},
{
"cve": "CVE-2024-42292",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2024-08-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2305437"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkobject_uevent: Fix OOB access within zap_modalias_env()\n\nzap_modalias_env() wrongly calculates size of memory block to move, so\nwill cause OOB memory access issue if variable MODALIAS is not the last\none within its @env parameter, fixed by correcting size to memmove.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: kobject_uevent: Fix OOB access within zap_modalias_env()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42292"
},
{
"category": "external",
"summary": "RHBZ#2305437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305437"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42292",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42292"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42292",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42292"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024081746-CVE-2024-42292-5387@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024081746-CVE-2024-42292-5387@gregkh/T"
}
],
"release_date": "2024-08-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: kobject_uevent: Fix OOB access within zap_modalias_env()"
},
{
"cve": "CVE-2024-42301",
"discovery_date": "2024-08-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2305446"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndev/parport: fix the array out-of-bounds risk\n\nFixed array out-of-bounds issues caused by sprintf\nby replacing it with snprintf for safer data copying,\nensuring the destination buffer is not overflowed.\n\nBelow is the stack trace I encountered during the actual issue:\n\n[ 66.575408s] [pid:5118,cpu4,QThread,4]Kernel panic - not syncing: stack-protector:\nKernel stack is corrupted in: do_hardware_base_addr+0xcc/0xd0 [parport]\n[ 66.575408s] [pid:5118,cpu4,QThread,5]CPU: 4 PID: 5118 Comm:\nQThread Tainted: G S W O 5.10.97-arm64-desktop #7100.57021.2\n[ 66.575439s] [pid:5118,cpu4,QThread,6]TGID: 5087 Comm: EFileApp\n[ 66.575439s] [pid:5118,cpu4,QThread,7]Hardware name: HUAWEI HUAWEI QingYun\nPGUX-W515x-B081/SP1PANGUXM, BIOS 1.00.07 04/29/2024\n[ 66.575439s] [pid:5118,cpu4,QThread,8]Call trace:\n[ 66.575469s] [pid:5118,cpu4,QThread,9] dump_backtrace+0x0/0x1c0\n[ 66.575469s] [pid:5118,cpu4,QThread,0] show_stack+0x14/0x20\n[ 66.575469s] [pid:5118,cpu4,QThread,1] dump_stack+0xd4/0x10c\n[ 66.575500s] [pid:5118,cpu4,QThread,2] panic+0x1d8/0x3bc\n[ 66.575500s] [pid:5118,cpu4,QThread,3] __stack_chk_fail+0x2c/0x38\n[ 66.575500s] [pid:5118,cpu4,QThread,4] do_hardware_base_addr+0xcc/0xd0 [parport]",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: dev/parport: fix the array out-of-bounds risk",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42301"
},
{
"category": "external",
"summary": "RHBZ#2305446",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305446"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42301"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42301",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42301"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024081749-CVE-2024-42301-4026@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024081749-CVE-2024-42301-4026@gregkh/T"
}
],
"release_date": "2024-08-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: dev/parport: fix the array out-of-bounds risk"
},
{
"cve": "CVE-2024-43854",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-08-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2305512"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: initialize integrity buffer to zero before writing it to media\n\nMetadata added by bio_integrity_prep is using plain kmalloc, which leads\nto random kernel memory being written media. For PI metadata this is\nlimited to the app tag that isn\u0027t used by kernel generated metadata,\nbut for non-PI metadata the entire buffer leaks kernel memory.\n\nFix this by adding the __GFP_ZERO flag to allocations for writes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: block: initialize integrity buffer to zero before writing it to media",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43854"
},
{
"category": "external",
"summary": "RHBZ#2305512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43854",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43854"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024081734-CVE-2024-43854-5586@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024081734-CVE-2024-43854-5586@gregkh/T"
}
],
"release_date": "2024-08-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: block: initialize integrity buffer to zero before writing it to media"
},
{
"cve": "CVE-2024-43880",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2024-08-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2306374"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_erp: Fix object nesting warning\n\nACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM\n(A-TCAM) or in the ordinary circuit TCAM (C-TCAM). The former can\ncontain more ACLs (i.e., tc filters), but the number of masks in each\nregion (i.e., tc chain) is limited.\n\nIn order to mitigate the effects of the above limitation, the device\nallows filters to share a single mask if their masks only differ in up\nto 8 consecutive bits. For example, dst_ip/25 can be represented using\ndst_ip/24 with a delta of 1 bit. The C-TCAM does not have a limit on the\nnumber of masks being used (and therefore does not support mask\naggregation), but can contain a limited number of filters.\n\nThe driver uses the \"objagg\" library to perform the mask aggregation by\npassing it objects that consist of the filter\u0027s mask and whether the\nfilter is to be inserted into the A-TCAM or the C-TCAM since filters in\ndifferent TCAMs cannot share a mask.\n\nThe set of created objects is dependent on the insertion order of the\nfilters and is not necessarily optimal. Therefore, the driver will\nperiodically ask the library to compute a more optimal set (\"hints\") by\nlooking at all the existing objects.\n\nWhen the library asks the driver whether two objects can be aggregated\nthe driver only compares the provided masks and ignores the A-TCAM /\nC-TCAM indication. This is the right thing to do since the goal is to\nmove as many filters as possible to the A-TCAM. The driver also forbids\ntwo identical masks from being aggregated since this can only happen if\none was intentionally put in the C-TCAM to avoid a conflict in the\nA-TCAM.\n\nThe above can result in the following set of hints:\n\nH1: {mask X, A-TCAM} -\u003e H2: {mask Y, A-TCAM} // X is Y + delta\nH3: {mask Y, C-TCAM} -\u003e H4: {mask Z, A-TCAM} // Y is Z + delta\n\nAfter getting the hints from the library the driver will start migrating\nfilters from one region to another while consulting the computed hints\nand instructing the device to perform a lookup in both regions during\nthe transition.\n\nAssuming a filter with mask X is being migrated into the A-TCAM in the\nnew region, the hints lookup will return H1. Since H2 is the parent of\nH1, the library will try to find the object associated with it and\ncreate it if necessary in which case another hints lookup (recursive)\nwill be performed. This hints lookup for {mask Y, A-TCAM} will either\nreturn H2 or H3 since the driver passes the library an object comparison\nfunction that ignores the A-TCAM / C-TCAM indication.\n\nThis can eventually lead to nested objects which are not supported by\nthe library [1].\n\nFix by removing the object comparison function from both the driver and\nthe library as the driver was the only user. That way the lookup will\nonly return exact matches.\n\nI do not have a reliable reproducer that can reproduce the issue in a\ntimely manner, but before the fix the issue would reproduce in several\nminutes and with the fix it does not reproduce in over an hour.\n\nNote that the current usefulness of the hints is limited because they\ninclude the C-TCAM indication and represent aggregation that cannot\nactually happen. This will be addressed in net-next.\n\n[1]\nWARNING: CPU: 0 PID: 153 at lib/objagg.c:170 objagg_obj_parent_assign+0xb5/0xd0\nModules linked in:\nCPU: 0 PID: 153 Comm: kworker/0:18 Not tainted 6.9.0-rc6-custom-g70fbc2c1c38b #42\nHardware name: Mellanox Technologies Ltd. MSN3700C/VMOD0008, BIOS 5.11 10/10/2018\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nRIP: 0010:objagg_obj_parent_assign+0xb5/0xd0\n[...]\nCall Trace:\n \u003cTASK\u003e\n __objagg_obj_get+0x2bb/0x580\n objagg_obj_get+0xe/0x80\n mlxsw_sp_acl_erp_mask_get+0xb5/0xf0\n mlxsw_sp_acl_atcam_entry_add+0xe8/0x3c0\n mlxsw_sp_acl_tcam_entry_create+0x5e/0xa0\n mlxsw_sp_acl_tcam_vchunk_migrate_one+0x16b/0x270\n mlxsw_sp_acl_tcam_vregion_rehash_work+0xbe/0x510\n process_one_work+0x151/0x370",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 8 and 9 affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43880"
},
{
"category": "external",
"summary": "RHBZ#2306374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306374"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43880"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43880",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43880"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024082137-CVE-2024-43880-78ec@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024082137-CVE-2024-43880-78ec@gregkh/T"
}
],
"release_date": "2024-08-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning"
},
{
"cve": "CVE-2024-43889",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"discovery_date": "2024-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2307862"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability exists in the Linux kernel. A possible divide-by-0 is in the padata_mt_helper() function when the ps-\u003echunk_size is 0. This vulnerability could result in a loss of system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: padata: Fix possible divide-by-0 panic in padata_mt_helper()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43889"
},
{
"category": "external",
"summary": "RHBZ#2307862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307862"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43889",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43889"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024082600-CVE-2024-43889-4d0b@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024082600-CVE-2024-43889-4d0b@gregkh/T"
}
],
"release_date": "2024-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: padata: Fix possible divide-by-0 panic in padata_mt_helper()"
},
{
"cve": "CVE-2024-43892",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2024-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2307865"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemcg: protect concurrent access to mem_cgroup_idr\n\nCommit 73f576c04b94 (\"mm: memcontrol: fix cgroup creation failure after\nmany small jobs\") decoupled the memcg IDs from the CSS ID space to fix the\ncgroup creation failures. It introduced IDR to maintain the memcg ID\nspace. The IDR depends on external synchronization mechanisms for\nmodifications. For the mem_cgroup_idr, the idr_alloc() and idr_replace()\nhappen within css callback and thus are protected through cgroup_mutex\nfrom concurrent modifications. However idr_remove() for mem_cgroup_idr\nwas not protected against concurrency and can be run concurrently for\ndifferent memcgs when they hit their refcnt to zero. Fix that.\n\nWe have been seeing list_lru based kernel crashes at a low frequency in\nour fleet for a long time. These crashes were in different part of\nlist_lru code including list_lru_add(), list_lru_del() and reparenting\ncode. Upon further inspection, it looked like for a given object (dentry\nand inode), the super_block\u0027s list_lru didn\u0027t have list_lru_one for the\nmemcg of that object. The initial suspicions were either the object is\nnot allocated through kmem_cache_alloc_lru() or somehow\nmemcg_list_lru_alloc() failed to allocate list_lru_one() for a memcg but\nreturned success. No evidence were found for these cases.\n\nLooking more deeply, we started seeing situations where valid memcg\u0027s id\nis not present in mem_cgroup_idr and in some cases multiple valid memcgs\nhave same id and mem_cgroup_idr is pointing to one of them. So, the most\nreasonable explanation is that these situations can happen due to race\nbetween multiple idr_remove() calls or race between\nidr_alloc()/idr_replace() and idr_remove(). These races are causing\nmultiple memcgs to acquire the same ID and then offlining of one of them\nwould cleanup list_lrus on the system for all of them. Later access from\nother memcgs to the list_lru cause crashes due to missing list_lru_one.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: memcg: protect concurrent access to mem_cgroup_idr",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43892"
},
{
"category": "external",
"summary": "RHBZ#2307865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307865"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43892"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43892",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43892"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024082604-CVE-2024-43892-584a@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024082604-CVE-2024-43892-584a@gregkh/T"
}
],
"release_date": "2024-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: memcg: protect concurrent access to mem_cgroup_idr"
},
{
"cve": "CVE-2024-44935",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2307892"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: Fix null-ptr-deref in reuseport_add_sock().\n\nsyzbot reported a null-ptr-deref while accessing sk2-\u003esk_reuseport_cb in\nreuseport_add_sock(). [0]\n\nThe repro first creates a listener with SO_REUSEPORT. Then, it creates\nanother listener on the same port and concurrently closes the first\nlistener.\n\nThe second listen() calls reuseport_add_sock() with the first listener as\nsk2, where sk2-\u003esk_reuseport_cb is not expected to be cleared concurrently,\nbut the close() does clear it by reuseport_detach_sock().\n\nThe problem is SCTP does not properly synchronise reuseport_alloc(),\nreuseport_add_sock(), and reuseport_detach_sock().\n\nThe caller of reuseport_alloc() and reuseport_{add,detach}_sock() must\nprovide synchronisation for sockets that are classified into the same\nreuseport group.\n\nOtherwise, such sockets form multiple identical reuseport groups, and\nall groups except one would be silently dead.\n\n 1. Two sockets call listen() concurrently\n 2. No socket in the same group found in sctp_ep_hashtable[]\n 3. Two sockets call reuseport_alloc() and form two reuseport groups\n 4. Only one group hit first in __sctp_rcv_lookup_endpoint() receives\n incoming packets\n\nAlso, the reported null-ptr-deref could occur.\n\nTCP/UDP guarantees that would not happen by holding the hash bucket lock.\n\nLet\u0027s apply the locking strategy to __sctp_hash_endpoint() and\n__sctp_unhash_endpoint().\n\n[0]:\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\nCPU: 1 UID: 0 PID: 10230 Comm: syz-executor119 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024\nRIP: 0010:reuseport_add_sock+0x27e/0x5e0 net/core/sock_reuseport.c:350\nCode: 00 0f b7 5d 00 bf 01 00 00 00 89 de e8 1b a4 ff f7 83 fb 01 0f 85 a3 01 00 00 e8 6d a0 ff f7 49 8d 7e 12 48 89 f8 48 c1 e8 03 \u003c42\u003e 0f b6 04 28 84 c0 0f 85 4b 02 00 00 41 0f b7 5e 12 49 8d 7e 14\nRSP: 0018:ffffc9000b947c98 EFLAGS: 00010202\nRAX: 0000000000000002 RBX: ffff8880252ddf98 RCX: ffff888079478000\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000012\nRBP: 0000000000000001 R08: ffffffff8993e18d R09: 1ffffffff1fef385\nR10: dffffc0000000000 R11: fffffbfff1fef386 R12: ffff8880252ddac0\nR13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f24e45b96c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffcced5f7b8 CR3: 00000000241be000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n __sctp_hash_endpoint net/sctp/input.c:762 [inline]\n sctp_hash_endpoint+0x52a/0x600 net/sctp/input.c:790\n sctp_listen_start net/sctp/socket.c:8570 [inline]\n sctp_inet_listen+0x767/0xa20 net/sctp/socket.c:8625\n __sys_listen_socket net/socket.c:1883 [inline]\n __sys_listen+0x1b7/0x230 net/socket.c:1894\n __do_sys_listen net/socket.c:1902 [inline]\n __se_sys_listen net/socket.c:1900 [inline]\n __x64_sys_listen+0x5a/0x70 net/socket.c:1900\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f24e46039b9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 91 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f24e45b9228 EFLAGS: 00000246 ORIG_RAX: 0000000000000032\nRAX: ffffffffffffffda RBX: 00007f24e468e428 RCX: 00007f24e46039b9\nRDX: 00007f24e46039b9 RSI: 0000000000000003 RDI: 0000000000000004\nRBP: 00007f24e468e420 R08: 00007f24e45b96c0 R09: 00007f24e45b96c0\nR10: 00007f24e45b96c0 R11: 0000000000000246 R12: 00007f24e468e42c\nR13:\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sctp: Fix null-ptr-deref in reuseport_add_sock().",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-44935"
},
{
"category": "external",
"summary": "RHBZ#2307892",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307892"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-44935",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44935"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-44935",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-44935"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024082642-CVE-2024-44935-3452@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024082642-CVE-2024-44935-3452@gregkh/T"
}
],
"release_date": "2024-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: sctp: Fix null-ptr-deref in reuseport_add_sock()."
},
{
"cve": "CVE-2024-44989",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-09-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309852"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: fix xfrm real_dev null pointer dereference\n\nWe shouldn\u0027t set real_dev to NULL because packets can be in transit and\nxfrm might call xdo_dev_offload_ok() in parallel. All callbacks assume\nreal_dev is set.\n\n Example trace:\n kernel: BUG: unable to handle page fault for address: 0000000000001030\n kernel: bond0: (slave eni0np1): making interface the new active one\n kernel: #PF: supervisor write access in kernel mode\n kernel: #PF: error_code(0x0002) - not-present page\n kernel: PGD 0 P4D 0\n kernel: Oops: 0002 [#1] PREEMPT SMP\n kernel: CPU: 4 PID: 2237 Comm: ping Not tainted 6.7.7+ #12\n kernel: Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n kernel: RIP: 0010:nsim_ipsec_offload_ok+0xc/0x20 [netdevsim]\n kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA\n kernel: Code: e0 0f 0b 48 83 7f 38 00 74 de 0f 0b 48 8b 47 08 48 8b 37 48 8b 78 40 e9 b2 e5 9a d7 66 90 0f 1f 44 00 00 48 8b 86 80 02 00 00 \u003c83\u003e 80 30 10 00 00 01 b8 01 00 00 00 c3 0f 1f 80 00 00 00 00 0f 1f\n kernel: bond0: (slave eni0np1): making interface the new active one\n kernel: RSP: 0018:ffffabde81553b98 EFLAGS: 00010246\n kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA\n kernel:\n kernel: RAX: 0000000000000000 RBX: ffff9eb404e74900 RCX: ffff9eb403d97c60\n kernel: RDX: ffffffffc090de10 RSI: ffff9eb404e74900 RDI: ffff9eb3c5de9e00\n kernel: RBP: ffff9eb3c0a42000 R08: 0000000000000010 R09: 0000000000000014\n kernel: R10: 7974203030303030 R11: 3030303030303030 R12: 0000000000000000\n kernel: R13: ffff9eb3c5de9e00 R14: ffffabde81553cc8 R15: ffff9eb404c53000\n kernel: FS: 00007f2a77a3ad00(0000) GS:ffff9eb43bd00000(0000) knlGS:0000000000000000\n kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n kernel: CR2: 0000000000001030 CR3: 00000001122ab000 CR4: 0000000000350ef0\n kernel: bond0: (slave eni0np1): making interface the new active one\n kernel: Call Trace:\n kernel: \u003cTASK\u003e\n kernel: ? __die+0x1f/0x60\n kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA\n kernel: ? page_fault_oops+0x142/0x4c0\n kernel: ? do_user_addr_fault+0x65/0x670\n kernel: ? kvm_read_and_reset_apf_flags+0x3b/0x50\n kernel: bond0: (slave eni0np1): making interface the new active one\n kernel: ? exc_page_fault+0x7b/0x180\n kernel: ? asm_exc_page_fault+0x22/0x30\n kernel: ? nsim_bpf_uninit+0x50/0x50 [netdevsim]\n kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA\n kernel: ? nsim_ipsec_offload_ok+0xc/0x20 [netdevsim]\n kernel: bond0: (slave eni0np1): making interface the new active one\n kernel: bond_ipsec_offload_ok+0x7b/0x90 [bonding]\n kernel: xfrm_output+0x61/0x3b0\n kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA\n kernel: ip_push_pending_frames+0x56/0x80",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: bonding: fix xfrm real_dev null pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-44989"
},
{
"category": "external",
"summary": "RHBZ#2309852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309852"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-44989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44989"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-44989",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-44989"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024090446-CVE-2024-44989-8a2d@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024090446-CVE-2024-44989-8a2d@gregkh/T"
}
],
"release_date": "2024-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: bonding: fix xfrm real_dev null pointer dereference"
},
{
"cve": "CVE-2024-44990",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-09-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309853"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: fix null pointer deref in bond_ipsec_offload_ok\n\nWe must check if there is an active slave before dereferencing the pointer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: bonding: fix null pointer deref in bond_ipsec_offload_ok",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-44990"
},
{
"category": "external",
"summary": "RHBZ#2309853",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309853"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-44990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-44990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-44990"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024090446-CVE-2024-44990-6b62@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024090446-CVE-2024-44990-6b62@gregkh/T"
}
],
"release_date": "2024-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: bonding: fix null pointer deref in bond_ipsec_offload_ok"
},
{
"cve": "CVE-2024-45018",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"discovery_date": "2024-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311715"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: initialise extack before use\n\nFix missing initialisation of extack in flow offload.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: flowtable: initialise extack before use",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45018"
},
{
"category": "external",
"summary": "RHBZ#2311715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45018"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45018",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45018"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024091108-CVE-2024-45018-7e30@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024091108-CVE-2024-45018-7e30@gregkh/T"
}
],
"release_date": "2024-09-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: flowtable: initialise extack before use"
},
{
"cve": "CVE-2024-46826",
"discovery_date": "2024-09-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2315178"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nELF: fix kernel.randomize_va_space double read\n\nELF loader uses \"randomize_va_space\" twice. It is sysctl and can change\nat any moment, so 2 loads could see 2 different values in theory with\nunpredictable consequences.\n\nIssue exactly one load for consistent value across one exec.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ELF: fix kernel.randomize_va_space double read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-46826"
},
{
"category": "external",
"summary": "RHBZ#2315178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315178"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-46826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46826"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-46826",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46826"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024092750-CVE-2024-46826-7b80@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024092750-CVE-2024-46826-7b80@gregkh/T"
}
],
"release_date": "2024-09-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ELF: fix kernel.randomize_va_space double read"
},
{
"cve": "CVE-2024-47668",
"discovery_date": "2024-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2317601"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()\n\nIf we need to increase the tree depth, allocate a new node, and then\nrace with another thread that increased the tree depth before us, we\u0027ll\nstill have a preallocated node that might be used later.\n\nIf we then use that node for a new non-root node, it\u0027ll still have a\npointer to the old root instead of being zeroed - fix this by zeroing it\nin the cmpxchg failure path.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47668"
},
{
"category": "external",
"summary": "RHBZ#2317601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47668",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47668"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47668",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47668"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024100906-CVE-2024-47668-6b53@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024100906-CVE-2024-47668-6b53@gregkh/T"
}
],
"release_date": "2024-10-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-05T00:54:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.27.1.rt7.368.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()"
}
]
}
rhsa-2024_5363
Vulnerability from csaf_redhat
Published
2024-08-15 05:34
Modified
2024-11-21 19:32
Summary
Red Hat Security Advisory: kernel security update
Notes
Topic
An update for kernel is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: phy: (CVE-2024-26600)
* kernel: netfilter: multiple flaws (CVE-2024-26808, CVE-2024-27065, CVE-2024-35899, CVE-2024-36005)
* kernel: cifs: (CVE-2024-26828)
* kernel: wifi: multiple flaws (CVE-2024-26897, CVE-2024-27052, CVE-2024-27049, CVE-2023-52651, CVE-2024-35789, CVE-2024-27434, CVE-2024-35845, CVE-2024-35937, CVE-2024-36941, CVE-2024-36922, CVE-2024-36921, CVE-2024-38575)
* kernel: nfs: (CVE-2024-26868)
* kernel: igc: (CVE-2024-26853)
* kernel: dmaengine/idxd: (CVE-2024-21823)
* kernel: ipv6: multiple flaws (CVE-2024-27417, CVE-2024-35969, CVE-2024-36903, CVE-2024-40961)
* kernel: vt: (CVE-2024-35823)
* kernel: efi: (CVE-2024-35800)
* kernel: mlxsw: (CVE-2024-35852)
* kernel: eeprom: (CVE-2024-35848)
* kernel: ice: (CVE-2024-35911)
* kernel: platform/x86: (CVE-2023-52864)
* kernel: i40e: (CVE-2024-36020)
* kernel: rtnetlink: (CVE-2024-36017)
* kernel: net: multiple flaws (CVE-2024-36929, CVE-2024-36971, CVE-2021-47606, CVE-2024-38558, CVE-2024-40928, CVE-2024-40954)
* kernel: ipvlan: (CVE-2024-33621)
* kernel: tcp: (CVE-2024-37356)
* kernel: virtio: (CVE-2024-37353)
* kernel: tls: (CVE-2024-36489)
* kernel: cxl/region: (CVE-2024-38391)
* kernel: bonding: (CVE-2024-39487)
* kernel: netns: (CVE-2024-40958)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.