RHSA-2024:0439
Vulnerability from csaf_redhat - Published: 2024-01-25 09:43 - Updated: 2026-03-30 10:29Summary
Red Hat Security Advisory: kernel-rt security update
Severity
Important
Notes
Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe (CVE-2023-2163)
* kernel: use after free in unix_stream_sendpage (CVE-2023-4622)
* kernel: net/sched: sch_hfsc UAF (CVE-2023-4623)
* kernel: eBPF: insufficient stack type checks in dynptr (CVE-2023-39191)
* kernel: IGB driver inadequate buffer size for frames larger than MTU (CVE-2023-45871)
* kernel: Race Condition leading to UAF in Unix Socket could happen in sk_receive_queue (BZ#2230094)
* kernel: nfp: use-after-free in area_cache_get() (CVE-2022-3545)
* kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip (CVE-2022-41858)
* kernel: UAF during login when accessing the shost ipaddress (CVE-2023-2162)
* kernel: NULL pointer dereference in can_rcv_filter (CVE-2023-2166)
* kernel: Slab-out-of-bound read in compare_netdev_and_ip (CVE-2023-2176)
* kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race (CVE-2023-3567)
* kernel: use-after-free in netfilter: nf_tables (CVE-2023-3777)
* kernel: use after free in nft_immediate_deactivate (CVE-2023-4015)
* kernel: A heap out-of-bounds write (CVE-2023-5717)
* hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569)
* kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment (CVE-2023-38409)
* kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (CVE-2023-40283)
* kernel: SEV-ES local priv escalation (CVE-2023-46813)
* kernel: use-after-free in smb2_is_status_io_timeout() (CVE-2023-1192)
* kernel: NULL pointer dereference in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c (CVE-2023-6679)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in area_cache_get in drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c in the Netronome Flow Processor (NFP) driver in the Linux kernel. This flaw allows a manipulation that may lead to a use-after-free issue.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
This flaw can be mitigated by preventing the affected Netronome Flow Processor (NFP) kernel module from loading during the boot time; ensure the module is added to the blacklist file.
~~~
Refer:
How do I blacklist a kernel module to prevent it from loading automatically?
https://access.redhat.com/solutions/41278
~~~
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.
7.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
This flaw can be mitigated by preventing the affected slip driver from loading during the boot time, and ensuring the module is added to the blacklist file.
~~~
Refer:
How do I blacklist a kernel module to prevent it from loading automatically?
https://access.redhat.com/solutions/41278
~~~
A NULL pointer dereference was found in objtool, a build-time tool used during Linux kernel compilation. When find_insn() returns NULL on failure, the code proceeds to dereference the NULL pointer, causing objtool to crash with a segmentation fault during kernel build operations.
0.0 (None)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use-after-free flaw was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in the SCSI sub-component in the Linux Kernel. This issue could allow an attacker to leak kernel internal information.
6.6 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
This flaw can be mitigated by preventing the affected iscsi_tcp.ko kernel module from loading during the boot time, ensure the module is added into the blacklist file.
~~~
Refer:
How do I blacklist a kernel module to prevent it from loading automatically?
https://access.redhat.com/solutions/41278
~~~
An incorrect verifier pruning flaw was found in BPF in the Linux Kernel that may lead to unsafe code paths incorrectly marked as safe, resulting in arbitrary read/writes in kernel memory, lateral privilege escalation, and container escape.
8.2 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.
For Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:
# cat /proc/sys/kernel/unprivileged_bpf_disabled
The setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.
A NULL pointer dereference issue was found in the can protocol in net/can/af_can.c in the Linux kernel, where ml_priv may not be initialized in the receive path of CAN frames. This flaw allows a local user to crash the system or cause a denial of service.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux kernel. An improper cleanup results in an out-of-boundary read. This flaw allows a local user to crash or escalate privileges on the system.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.
7.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use-after-free flaw was found in the Linux kernel's netfilter: nf_tables component, which can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound, and the chain's owner rule can release the objects in certain circumstances.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
Mitigation for this issue is to skip loading the affected module "netfilter" onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.
~~~
How do I blacklist a kernel module to prevent it from loading automatically?
https://access.redhat.com/solutions/41278
~~~
A use-after-free flaw was found in the Linux kernel's netfilter: nf_tables component, which can be exploited to achieve local privilege escalation. On an error when building a nftables rule, deactivating immediate expressions in nft_immediate_deactivate() can unbind the chain and objects can be deactivated but used later.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
Mitigation for this issue is to skip loading the affected module "netfilter" onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.
~~~
How do I blacklist a kernel module to prevent it from loading automatically?
https://access.redhat.com/solutions/41278
~~~
A use-after-free flaw was found in the Linux kernel's af_unix component that allows local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. This issue leads to a race condition where the unix_stream_sendpage() function could access a skb that is being released by garbage collection, resulting in a use-after-free issue.
6.6 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
Mitigation for this issue is either not available or currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use-after-free flaw was found in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSC_FSC flag set, has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free issue.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
To mitigate this issue, prevent the module sch_hfsc from being loaded by blacklisting the module to prevent it from loading automatically.
~~~
https://access.redhat.com/solutions/41278
~~~
A flaw was found in the Linux kernel's Performance Events system component. A condition can be triggered that allows data to be written past the end or before the beginning of the intended memory buffer. This issue may lead to a system crash, code execution, or local privilege escalation.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
It is not possible to trigger this issue with the default kernel.perf_event_paranoid sysctl value 2. You may check it with:
cat /proc/sys/kernel/perf_event_paranoid
A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. This issue could be exploited to trigger a denial of service.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A side channel vulnerability was found in hw amd. Some AMD CPUs may allow an attacker to influence the return address prediction. This issue may result in speculative execution at an attacker-controlled instruction pointer register, potentially leading to information disclosure.
5.6 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
Mitigation, other than installed the updated packages, for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A memory corruption flaw was found in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Framebuffer Console in the Linux kernel. This flaw allows a local attacker to crash the system, leading to a denial of service.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
Mitigation for this issue is to skip loading the affected module "fbcon" onto the system until we have a fix available. This can be done by a blacklist mechanism and will ensure the driver is not loaded at boot time.
~~~
How do I blacklist a kernel module to prevent it from loading automatically?
https://access.redhat.com/solutions/41278
~~~
An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel.
8.2 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
A flaw was found in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Bluetooth subsystem in the Linux Kernel. This issue may allow a user to cause a use-after-free problem due to sk's children being mishandled.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in igb_configure_rx_ring in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel. An overflow of the contents from a packet that is too large will overflow into the kernel's ring buffer, leading to a system integrity issue.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A buffer overflow and null pointer dereference flaw was found in the Linux kernel's Secure Encrypted Virtualization (SEV) implementation for AMD functionality. This issue occurs when a user in SEV guest VM accesses MMIO registers, which could allow a local user to crash the system or escalate their privileges on the system.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
In the Linux kernel, the following vulnerability has been resolved: vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF After a call to console_unlock() in vcs_read() the vc_data struct can be freed by vc_deallocate(). Because of that, the struct vc_data pointer load must be done at the top of while loop in vcs_read() to avoid a UAF when vcs_size() is called. Syzkaller reported a UAF in vcs_size(). BUG: KASAN: use-after-free in vcs_size (drivers/tty/vt/vc_screen.c:215) Read of size 4 at addr ffff8881137479a8 by task 4a005ed81e27e65/1537 CPU: 0 PID: 1537 Comm: 4a005ed81e27e65 Not tainted 6.2.0-rc5 #1 Hardware name: Red Hat KVM, BIOS 1.15.0-2.module Call Trace: <TASK> __asan_report_load4_noabort (mm/kasan/report_generic.c:350) vcs_size (drivers/tty/vt/vc_screen.c:215) vcs_read (drivers/tty/vt/vc_screen.c:415) vfs_read (fs/read_write.c:468 fs/read_write.c:450) ... </TASK> Allocated by task 1191: ... kmalloc_trace (mm/slab_common.c:1069) vc_allocate (./include/linux/slab.h:580 ./include/linux/slab.h:720 drivers/tty/vt/vt.c:1128 drivers/tty/vt/vt.c:1108) con_install (drivers/tty/vt/vt.c:3383) tty_init_dev (drivers/tty/tty_io.c:1301 drivers/tty/tty_io.c:1413 drivers/tty/tty_io.c:1390) tty_open (drivers/tty/tty_io.c:2080 drivers/tty/tty_io.c:2126) chrdev_open (fs/char_dev.c:415) do_dentry_open (fs/open.c:883) vfs_open (fs/open.c:1014) ... Freed by task 1548: ... kfree (mm/slab_common.c:1021) vc_port_destruct (drivers/tty/vt/vt.c:1094) tty_port_destructor (drivers/tty/tty_port.c:296) tty_port_put (drivers/tty/tty_port.c:312) vt_disallocate_all (drivers/tty/vt/vt_ioctl.c:662 (discriminator 2)) vt_ioctl (drivers/tty/vt/vt_ioctl.c:903) tty_ioctl (drivers/tty/tty_io.c:2776) ... The buggy address belongs to the object at ffff888113747800 which belongs to the cache kmalloc-1k of size 1024 The buggy address is located 424 bytes inside of 1024-byte region [ffff888113747800, ffff888113747c00) The buggy address belongs to the physical page: page:00000000b3fe6c7c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x113740 head:00000000b3fe6c7c order:3 compound_mapcount:0 subpages_mapcount:0 compound_pincount:0 anon flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff) raw: 0017ffffc0010200 ffff888100042dc0 0000000000000000 dead000000000001 raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff888113747880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff888113747900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb > ffff888113747980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ^ ffff888113747a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff888113747a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ================================================================== Disabling lock debugging due to kernel taint
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2024:0439
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
Acknowledgments
Duoming Zhou
Pumpkin (@u1f383), working with DEVCORE Internship Program
Wei Chen
(IceSword Lab)
Xingyuan Mo
ETH Zurich
Johannes Wikner
Daniël Trujillo
Kaveh Razavi
Zero Day Initiative (ZDI)
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe (CVE-2023-2163)\n\n* kernel: use after free in unix_stream_sendpage (CVE-2023-4622)\n\n* kernel: net/sched: sch_hfsc UAF (CVE-2023-4623)\n\n* kernel: eBPF: insufficient stack type checks in dynptr (CVE-2023-39191)\n\n* kernel: IGB driver inadequate buffer size for frames larger than MTU (CVE-2023-45871)\n\n* kernel: Race Condition leading to UAF in Unix Socket could happen in sk_receive_queue (BZ#2230094)\n\n* kernel: nfp: use-after-free in area_cache_get() (CVE-2022-3545)\n\n* kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip (CVE-2022-41858)\n\n* kernel: UAF during login when accessing the shost ipaddress (CVE-2023-2162)\n\n* kernel: NULL pointer dereference in can_rcv_filter (CVE-2023-2166)\n\n* kernel: Slab-out-of-bound read in compare_netdev_and_ip (CVE-2023-2176)\n\n* kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race (CVE-2023-3567)\n\n* kernel: use-after-free in netfilter: nf_tables (CVE-2023-3777)\n\n* kernel: use after free in nft_immediate_deactivate (CVE-2023-4015)\n\n* kernel: A heap out-of-bounds write (CVE-2023-5717)\n\n* hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569)\n\n* kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment (CVE-2023-38409)\n\n* kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c (CVE-2023-40283)\n\n* kernel: SEV-ES local priv escalation (CVE-2023-46813)\n\n* kernel: use-after-free in smb2_is_status_io_timeout() (CVE-2023-1192)\n\n* kernel: NULL pointer dereference in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c (CVE-2023-6679)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0439",
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2144379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144379"
},
{
"category": "external",
"summary": "2154178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154178"
},
{
"category": "external",
"summary": "2161310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161310"
},
{
"category": "external",
"summary": "2187773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187773"
},
{
"category": "external",
"summary": "2187813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187813"
},
{
"category": "external",
"summary": "2187931",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187931"
},
{
"category": "external",
"summary": "2207625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207625"
},
{
"category": "external",
"summary": "2221463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221463"
},
{
"category": "external",
"summary": "2226783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226783"
},
{
"category": "external",
"summary": "2230042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230042"
},
{
"category": "external",
"summary": "2230094",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230094"
},
{
"category": "external",
"summary": "2231800",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231800"
},
{
"category": "external",
"summary": "2237750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237750"
},
{
"category": "external",
"summary": "2237752",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237752"
},
{
"category": "external",
"summary": "2237757",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237757"
},
{
"category": "external",
"summary": "2237760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237760"
},
{
"category": "external",
"summary": "2240249",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240249"
},
{
"category": "external",
"summary": "2244723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244723"
},
{
"category": "external",
"summary": "2246944",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246944"
},
{
"category": "external",
"summary": "2246945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246945"
},
{
"category": "external",
"summary": "2253986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253986"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0439.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2026-03-30T10:29:05+00:00",
"generator": {
"date": "2026-03-30T10:29:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2024:0439",
"initial_release_date": "2024-01-25T09:43:34+00:00",
"revision_history": [
{
"date": "2024-01-25T09:43:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-01-25T09:43:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-30T10:29:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::realtime"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"product": {
"name": "kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"product_id": "kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.48.1.rt14.333.el9_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-core@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-core@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-284.48.1.rt14.333.el9_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3545",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2161310"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in area_cache_get in drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c in the Netronome Flow Processor (NFP) driver in the Linux kernel. This flaw allows a manipulation that may lead to a use-after-free issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: nfp: use-after-free in area_cache_get()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3545"
},
{
"category": "external",
"summary": "RHBZ#2161310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3545"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3545",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3545"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=02e1a114fdb71e59ee6770294166c30d437bf86a",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=02e1a114fdb71e59ee6770294166c30d437bf86a"
}
],
"release_date": "2022-08-11T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected Netronome Flow Processor (NFP) kernel module from loading during the boot time; ensure the module is added to the blacklist file.\n~~~\nRefer: \nHow do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278\n~~~",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: nfp: use-after-free in area_cache_get()"
},
{
"acknowledgments": [
{
"names": [
"Duoming Zhou"
]
}
],
"cve": "CVE-2022-41858",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2144379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41858"
},
{
"category": "external",
"summary": "RHBZ#2144379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41858"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41858",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41858"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798",
"url": "https://github.com/torvalds/linux/commit/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798"
}
],
"release_date": "2022-04-05T15:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected slip driver from loading during the boot time, and ensuring the module is added to the blacklist file.\n~~~\nRefer: \nHow do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278\n~~~",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip"
},
{
"cve": "CVE-2022-50879",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2025-12-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2426076"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference was found in objtool, a build-time tool used during Linux kernel compilation. When find_insn() returns NULL on failure, the code proceeds to dereference the NULL pointer, causing objtool to crash with a segmentation fault during kernel build operations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: objtool: Fix SEGFAULT",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is not a runtime kernel vulnerability. Objtool is a userspace build-time tool that runs during kernel compilation to validate object files. A crash in objtool affects the kernel build process only and has no impact on running systems. This should not be classified as a kernel security vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-50879"
},
{
"category": "external",
"summary": "RHBZ#2426076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426076"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-50879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-50879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50879"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025123024-CVE-2022-50879-47a7@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025123024-CVE-2022-50879-47a7@gregkh/T"
}
],
"release_date": "2025-12-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: objtool: Fix SEGFAULT"
},
{
"acknowledgments": [
{
"names": [
"Pumpkin (@u1f383), working with DEVCORE Internship Program"
]
}
],
"cve": "CVE-2023-1192",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2154178"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in smb2_is_status_io_timeout()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Because analysis indicates that this issue will only cause momentary interruptions to connections, Red Hat rates the impact of this flaw as Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1192"
},
{
"category": "external",
"summary": "RHBZ#2154178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154178"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1192"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d527f51331cace562393a8038d870b3e9916686fCVE-2023-52",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d527f51331cace562393a8038d870b3e9916686fCVE-2023-52"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: use-after-free in smb2_is_status_io_timeout()"
},
{
"cve": "CVE-2023-2162",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-04-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187773"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in the SCSI sub-component in the Linux Kernel. This issue could allow an attacker to leak kernel internal information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: UAF during login when accessing the shost ipaddress",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2162"
},
{
"category": "external",
"summary": "RHBZ#2187773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187773"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2162",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2162"
},
{
"category": "external",
"summary": "https://www.spinics.net/lists/linux-scsi/msg181542.html",
"url": "https://www.spinics.net/lists/linux-scsi/msg181542.html"
}
],
"release_date": "2023-01-17T10:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected iscsi_tcp.ko kernel module from loading during the boot time, ensure the module is added into the blacklist file.\n~~~\nRefer: \nHow do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278\n~~~",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: UAF during login when accessing the shost ipaddress"
},
{
"cve": "CVE-2023-2163",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"discovery_date": "2023-09-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2240249"
}
],
"notes": [
{
"category": "description",
"text": "An incorrect verifier pruning flaw was found in BPF in the Linux Kernel that may lead to unsafe code paths incorrectly marked as safe, resulting in arbitrary read/writes in kernel memory, lateral privilege escalation, and container escape.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Enterprise Linux 9.3 not affected, because the required patch applied before this CVE creation. For the Red Hat Enterprise Linux 9 before version 9.3 required fixes applied too.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2163"
},
{
"category": "external",
"summary": "RHBZ#2240249",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240249"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2163"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=71b547f561247897a0a14f3082730156c0533fed",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=71b547f561247897a0a14f3082730156c0533fed"
}
],
"release_date": "2023-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe"
},
{
"acknowledgments": [
{
"names": [
"Wei Chen"
]
}
],
"cve": "CVE-2023-2166",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-04-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187813"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference issue was found in the can protocol in net/can/af_can.c in the Linux kernel, where ml_priv may not be initialized in the receive path of CAN frames. This flaw allows a local user to crash the system or cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NULL pointer dereference in can_rcv_filter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2166"
},
{
"category": "external",
"summary": "RHBZ#2187813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187813"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2166",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2166"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2166",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2166"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0acc442309a0a1b01bcdaa135e56e6398a49439c",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0acc442309a0a1b01bcdaa135e56e6398a49439c"
}
],
"release_date": "2022-12-06T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: NULL pointer dereference in can_rcv_filter"
},
{
"acknowledgments": [
{
"names": [
"Wei Chen"
]
}
],
"cve": "CVE-2023-2176",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187931"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux kernel. An improper cleanup results in an out-of-boundary read. This flaw allows a local user to crash or escalate privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Slab-out-of-bound read in compare_netdev_and_ip",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2176"
},
{
"category": "external",
"summary": "RHBZ#2187931",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187931"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2176"
},
{
"category": "external",
"summary": "https://www.spinics.net/lists/linux-rdma/msg114749.html",
"url": "https://www.spinics.net/lists/linux-rdma/msg114749.html"
}
],
"release_date": "2022-12-11T05:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Slab-out-of-bound read in compare_netdev_and_ip"
},
{
"cve": "CVE-2023-3567",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-04-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2221463"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3567"
},
{
"category": "external",
"summary": "RHBZ#2221463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221463"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3567"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3567",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3567"
},
{
"category": "external",
"summary": "https://www.spinics.net/lists/stable-commits/msg285184.html",
"url": "https://www.spinics.net/lists/stable-commits/msg285184.html"
}
],
"release_date": "2023-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race"
},
{
"cve": "CVE-2023-3777",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237750"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u0027s netfilter: nf_tables component, which can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound, and the chain\u0027s owner rule can release the objects in certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in netfilter: nf_tables",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploiting this flaw will require CAP_NET_ADMIN access privilege in any user or network namespace.\n\nAnd,\n\nOn non-containerized deployments of Red Hat Enterprise Linux, you can disable user namespaces by setting user.max_user_namespaces to 0:\n~~~\necho \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\nsysctl -p /etc/sysctl.d/userns.conf\n~~~\nOn containerized deployments, such as Red Hat OpenShift Container Platform, do not use this mitigation as the functionality is needed to be enabled.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3777"
},
{
"category": "external",
"summary": "RHBZ#2237750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237750"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3777"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3777",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3777"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "Mitigation for this issue is to skip loading the affected module \"netfilter\" onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in netfilter: nf_tables"
},
{
"cve": "CVE-2023-4015",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237752"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u0027s netfilter: nf_tables component, which can be exploited to achieve local privilege escalation. On an error when building a nftables rule, deactivating immediate expressions in nft_immediate_deactivate() can unbind the chain and objects can be deactivated but used later.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use after free in nft_immediate_deactivate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploiting this flaw will require CAP_NET_ADMIN access privilege in any user or network namespace and on non-containerized deployments of Red Hat Enterprise Linux, you can disable user namespaces by setting user.max_user_namespaces to 0:\n~~~\n echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n sysctl -p /etc/sysctl.d/userns.conf\n~~~\nOn containerized deployments such as Red Hat OpenShift Container Platform, do not use this mitigation as the functionality is needed to be enabled.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4015"
},
{
"category": "external",
"summary": "RHBZ#2237752",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237752"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4015"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4015",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4015"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0a771f7b266b02d262900c75f1e175c7fe76fec2",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0a771f7b266b02d262900c75f1e175c7fe76fec2"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "Mitigation for this issue is to skip loading the affected module \"netfilter\" onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use after free in nft_immediate_deactivate"
},
{
"cve": "CVE-2023-4622",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237760"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u0027s af_unix component that allows local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer\u0027s recv queue without locking the queue. This issue leads to a race condition where the unix_stream_sendpage() function could access a skb that is being released by garbage collection, resulting in a use-after-free issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use after free in unix_stream_sendpage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4622"
},
{
"category": "external",
"summary": "RHBZ#2237760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237760"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4622",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4622"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4622",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4622"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y\u0026id=790c2f9d15b594350ae9bca7b236f2b1859de02c",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y\u0026id=790c2f9d15b594350ae9bca7b236f2b1859de02c"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: use after free in unix_stream_sendpage"
},
{
"cve": "CVE-2023-4623",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237757"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSC_FSC flag set, has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: sch_hfsc UAF",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4623"
},
{
"category": "external",
"summary": "RHBZ#2237757",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237757"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4623",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4623"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4623",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4623"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b3d26c5702c7d6c45456326e56d2ccf3f103e60f",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b3d26c5702c7d6c45456326e56d2ccf3f103e60f"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module sch_hfsc from being loaded by blacklisting the module to prevent it from loading automatically. \n~~~\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net/sched: sch_hfsc UAF"
},
{
"cve": "CVE-2023-5717",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-10-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2246945"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s Performance Events system component. A condition can be triggered that allows data to be written past the end or before the beginning of the intended memory buffer. This issue may lead to a system crash, code execution, or local privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: A heap out-of-bounds write when function perf_read_group is called and sibling_list is smaller than its child\u0027s sibling_list",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5717"
},
{
"category": "external",
"summary": "RHBZ#2246945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246945"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5717",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5717"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/kernel/events?id=32671e3799ca2e4590773fd0e63aaa4229e50c06",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/kernel/events?id=32671e3799ca2e4590773fd0e63aaa4229e50c06"
}
],
"release_date": "2023-10-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "It is not possible to trigger this issue with the default kernel.perf_event_paranoid sysctl value 2. You may check it with:\ncat /proc/sys/kernel/perf_event_paranoid",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: A heap out-of-bounds write when function perf_read_group is called and sibling_list is smaller than its child\u0027s sibling_list"
},
{
"acknowledgments": [
{
"names": [
"Xingyuan Mo"
],
"organization": "(IceSword Lab)"
}
],
"cve": "CVE-2023-6679",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-12-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2253986"
}
],
"notes": [
{
"category": "description",
"text": "A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. This issue could be exploited to trigger a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NULL pointer dereference in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-6679"
},
{
"category": "external",
"summary": "RHBZ#2253986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253986"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-6679",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6679"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/20231211083758.1082853-1-jiri@resnulli.us/",
"url": "https://lore.kernel.org/netdev/20231211083758.1082853-1-jiri@resnulli.us/"
}
],
"release_date": "2023-12-11T11:48:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: NULL pointer dereference in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c"
},
{
"acknowledgments": [
{
"names": [
"Johannes Wikner",
"Dani\u00ebl Trujillo",
"Kaveh Razavi"
],
"organization": "ETH Zurich"
}
],
"cve": "CVE-2023-20569",
"discovery_date": "2023-05-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2207625"
}
],
"notes": [
{
"category": "description",
"text": "A side channel vulnerability was found in hw amd. Some AMD CPUs may allow an attacker to influence the return address prediction. This issue may result in speculative execution at an attacker-controlled instruction pointer register, potentially leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "amd: Return Address Predictor vulnerability leading to information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20569"
},
{
"category": "external",
"summary": "RHBZ#2207625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207625"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20569",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20569"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7049120",
"url": "https://access.redhat.com/solutions/7049120"
},
{
"category": "external",
"summary": "https://www.amd.com/content/dam/amd/en/documents/corporate/cr/speculative-return-stack-overflow-whitepaper.pdf",
"url": "https://www.amd.com/content/dam/amd/en/documents/corporate/cr/speculative-return-stack-overflow-whitepaper.pdf"
},
{
"category": "external",
"summary": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7005.html",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7005.html"
}
],
"release_date": "2023-08-08T11:25:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "Mitigation, other than installed the updated packages, for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "amd: Return Address Predictor vulnerability leading to information disclosure"
},
{
"cve": "CVE-2023-38409",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2023-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2230042"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Framebuffer Console in the Linux kernel. This flaw allows a local attacker to crash the system, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38409"
},
{
"category": "external",
"summary": "RHBZ#2230042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230042"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38409"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fffb0b52d5258554c645c966c6cbef7de50b851d",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fffb0b52d5258554c645c966c6cbef7de50b851d"
}
],
"release_date": "2023-04-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "Mitigation for this issue is to skip loading the affected module \"fbcon\" onto the system until we have a fix available. This can be done by a blacklist mechanism and will ensure the driver is not loaded at boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment"
},
{
"acknowledgments": [
{
"names": [
"Zero Day Initiative (ZDI)"
]
}
],
"cve": "CVE-2023-39191",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-07-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2226783"
}
],
"notes": [
{
"category": "description",
"text": "An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: eBPF: insufficient stack type checks in dynptr",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Dynamic pointers were introduced in Red Hat Enterprise Linux 9.2 while rebasing BPF to version 5.19. Previous RHEL releases (7, 8, and 9.0) are not affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39191"
},
{
"category": "external",
"summary": "RHBZ#2226783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39191",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39191"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39191",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39191"
},
{
"category": "external",
"summary": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-19399/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-19399/"
}
],
"release_date": "2023-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: eBPF: insufficient stack type checks in dynptr"
},
{
"cve": "CVE-2023-40283",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-08-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2231800"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Bluetooth subsystem in the Linux Kernel. This issue may allow a user to cause a use-after-free problem due to sk\u0027s children being mishandled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40283"
},
{
"category": "external",
"summary": "RHBZ#2231800",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231800"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40283"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1728137b33c00d5a2b5110ed7aafb42e7c32e4a1",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1728137b33c00d5a2b5110ed7aafb42e7c32e4a1"
}
],
"release_date": "2023-08-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c"
},
{
"cve": "CVE-2023-45871",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2023-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2244723"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in igb_configure_rx_ring in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel. An overflow of the contents from a packet that is too large will overflow into the kernel\u0027s ring buffer, leading to a system integrity issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: IGB driver inadequate buffer size for frames larger than MTU",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Important because of its nature of exposure to the threat of impacting Confidentiality, Integrity and Availability by an attacker while being in an adjacent physical layer with no privilege required.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45871"
},
{
"category": "external",
"summary": "RHBZ#2244723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244723"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45871"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45871",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45871"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bb5ed01cd2428cd25b1c88a3a9cba87055eb289f",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bb5ed01cd2428cd25b1c88a3a9cba87055eb289f"
}
],
"release_date": "2023-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: IGB driver inadequate buffer size for frames larger than MTU"
},
{
"cve": "CVE-2023-46813",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"discovery_date": "2023-10-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2246944"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow and null pointer dereference flaw was found in the Linux kernel\u0027s Secure Encrypted Virtualization (SEV) implementation for AMD functionality. This issue occurs when a user in SEV guest VM accesses MMIO registers, which could allow a local user to crash the system or escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: SEV-ES local priv escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-46813"
},
{
"category": "external",
"summary": "RHBZ#2246944",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246944"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-46813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-46813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46813"
},
{
"category": "external",
"summary": "https://bugzilla.suse.com/show_bug.cgi?id=1212649",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1212649"
},
{
"category": "external",
"summary": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.9",
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.9"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63e44bc52047f182601e7817da969a105aa1f721",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63e44bc52047f182601e7817da969a105aa1f721"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a37cd2a59d0cb270b1bba568fd3a3b8668b9d3ba",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a37cd2a59d0cb270b1bba568fd3a3b8668b9d3ba"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b9cb9c45583b911e0db71d09caa6b56469eb2bdf",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b9cb9c45583b911e0db71d09caa6b56469eb2bdf"
}
],
"release_date": "2023-10-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: SEV-ES local priv escalation"
},
{
"cve": "CVE-2023-52973",
"discovery_date": "2025-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2355433"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF\n\nAfter a call to console_unlock() in vcs_read() the vc_data struct can be\nfreed by vc_deallocate(). Because of that, the struct vc_data pointer\nload must be done at the top of while loop in vcs_read() to avoid a UAF\nwhen vcs_size() is called.\n\nSyzkaller reported a UAF in vcs_size().\n\nBUG: KASAN: use-after-free in vcs_size (drivers/tty/vt/vc_screen.c:215)\nRead of size 4 at addr ffff8881137479a8 by task 4a005ed81e27e65/1537\n\nCPU: 0 PID: 1537 Comm: 4a005ed81e27e65 Not tainted 6.2.0-rc5 #1\nHardware name: Red Hat KVM, BIOS 1.15.0-2.module\nCall Trace:\n \u003cTASK\u003e\n__asan_report_load4_noabort (mm/kasan/report_generic.c:350)\nvcs_size (drivers/tty/vt/vc_screen.c:215)\nvcs_read (drivers/tty/vt/vc_screen.c:415)\nvfs_read (fs/read_write.c:468 fs/read_write.c:450)\n...\n \u003c/TASK\u003e\n\nAllocated by task 1191:\n...\nkmalloc_trace (mm/slab_common.c:1069)\nvc_allocate (./include/linux/slab.h:580 ./include/linux/slab.h:720\n drivers/tty/vt/vt.c:1128 drivers/tty/vt/vt.c:1108)\ncon_install (drivers/tty/vt/vt.c:3383)\ntty_init_dev (drivers/tty/tty_io.c:1301 drivers/tty/tty_io.c:1413\n drivers/tty/tty_io.c:1390)\ntty_open (drivers/tty/tty_io.c:2080 drivers/tty/tty_io.c:2126)\nchrdev_open (fs/char_dev.c:415)\ndo_dentry_open (fs/open.c:883)\nvfs_open (fs/open.c:1014)\n...\n\nFreed by task 1548:\n...\nkfree (mm/slab_common.c:1021)\nvc_port_destruct (drivers/tty/vt/vt.c:1094)\ntty_port_destructor (drivers/tty/tty_port.c:296)\ntty_port_put (drivers/tty/tty_port.c:312)\nvt_disallocate_all (drivers/tty/vt/vt_ioctl.c:662 (discriminator 2))\nvt_ioctl (drivers/tty/vt/vt_ioctl.c:903)\ntty_ioctl (drivers/tty/tty_io.c:2776)\n...\n\nThe buggy address belongs to the object at ffff888113747800\n which belongs to the cache kmalloc-1k of size 1024\nThe buggy address is located 424 bytes inside of\n 1024-byte region [ffff888113747800, ffff888113747c00)\n\nThe buggy address belongs to the physical page:\npage:00000000b3fe6c7c refcount:1 mapcount:0 mapping:0000000000000000\n index:0x0 pfn:0x113740\nhead:00000000b3fe6c7c order:3 compound_mapcount:0 subpages_mapcount:0\n compound_pincount:0\nanon flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)\nraw: 0017ffffc0010200 ffff888100042dc0 0000000000000000 dead000000000001\nraw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff888113747880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888113747900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n\u003e ffff888113747980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff888113747a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff888113747a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n==================================================================\nDisabling lock debugging due to kernel taint",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52973"
},
{
"category": "external",
"summary": "RHBZ#2355433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355433"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52973",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52973"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025032703-CVE-2023-52973-a993@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025032703-CVE-2023-52973-a993@gregkh/T"
}
],
"release_date": "2025-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T09:43:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0439"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.48.1.rt14.333.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…