RHSA-2024:5282
Vulnerability from csaf_redhat - Published: 2024-08-13 14:30 - Updated: 2026-02-02 11:04Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)
* kernel: net: CVE-2024-36971 kernel: UAF in network route management (CVE-2024-36971)
* kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502)
* kernel: NFSD: Fix the behavior of READ near OFFSET_MAX (CVE-2022-48827)
* kernel: NFSD: Fix ia_size underflow (CVE-2022-48828)
* kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes (CVE-2022-48829)
Bug Fix(es):
* kernel-rt: update RT source tree to the latest RHEL-8.4.z Batch 27 (JIRA:RHEL-50526)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)\n\n* kernel: net: CVE-2024-36971 kernel: UAF in network route management (CVE-2024-36971)\n\n* kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502)\n\n* kernel: NFSD: Fix the behavior of READ near OFFSET_MAX (CVE-2022-48827)\n\n* kernel: NFSD: Fix ia_size underflow (CVE-2022-48828)\n\n* kernel: NFSD: Fix NFSv3 SETATTR/CREATE\u0026#39;s handling of large file sizes (CVE-2022-48829)\n\nBug Fix(es):\n\n* kernel-rt: update RT source tree to the latest RHEL-8.4.z Batch 27 (JIRA:RHEL-50526)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:5282",
"url": "https://access.redhat.com/errata/RHSA-2024:5282"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2281949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281949"
},
{
"category": "external",
"summary": "2292331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292331"
},
{
"category": "external",
"summary": "2297474",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297474"
},
{
"category": "external",
"summary": "2298166",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298166"
},
{
"category": "external",
"summary": "2298167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298167"
},
{
"category": "external",
"summary": "2298168",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298168"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5282.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2026-02-02T11:04:04+00:00",
"generator": {
"date": "2026-02-02T11:04:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2024:5282",
"initial_release_date": "2024-08-13T14:30:30+00:00",
"revision_history": [
{
"date": "2024-08-13T14:30:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-08-13T14:30:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-02T11:04:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_tus:8.4::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux RT TUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_tus:8.4::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"product": {
"name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"product_id": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-305.138.1.rt7.214.el8_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_id": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-305.138.1.rt7.214.el8_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src"
},
"product_reference": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux NFV TUS (v.8.4)",
"product_id": "NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "NFV-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src"
},
"product_reference": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64 as a component of Red Hat Enterprise Linux RT TUS (v.8.4)",
"product_id": "RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"relates_to_product_reference": "RT-8.4.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-48827",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2024-07-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298166"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel\u0027s NFSD, where improper handling of read requests near the maximum offset can lead to an integer overflow. When a client attempts to read from a near-maximum offset, it causes the server to return an invalid NFS error, resulting in indefinite retries by the client. This behavior can disrupt file access and stability in networked environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NFSD: Fix the behavior of READ near OFFSET_MAX",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-48827"
},
{
"category": "external",
"summary": "RHBZ#2298166",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298166"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-48827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48827"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48827",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48827"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024071652-CVE-2022-48827-f95b@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024071652-CVE-2022-48827-f95b@gregkh/T"
}
],
"release_date": "2024-07-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-13T14:30:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5282"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: NFSD: Fix the behavior of READ near OFFSET_MAX"
},
{
"cve": "CVE-2022-48828",
"discovery_date": "2024-07-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298167"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel\u0027s NFSD, where an underflow in the ia_size field can occur due to incorrect handling of file size types. When an NFS client sends a file size greater than the maximum value the system can handle, it can lead to an underflow in the ia_size variable, causing unpredictable behavior. This vulnerability impacts the integrity and reliability of file operations in NFS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NFSD: Fix ia_size underflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-48828"
},
{
"category": "external",
"summary": "RHBZ#2298167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-48828",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48828"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024071652-CVE-2022-48828-97cb@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024071652-CVE-2022-48828-97cb@gregkh/T"
}
],
"release_date": "2024-07-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-13T14:30:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5282"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: NFSD: Fix ia_size underflow"
},
{
"cve": "CVE-2022-48829",
"cwe": {
"id": "CWE-253",
"name": "Incorrect Check of Function Return Value"
},
"discovery_date": "2024-07-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298168"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel\u0027s NFSD, specifically in the handling of large file sizes during NFSv3 SETATTR and CREATE operations. The ia_size field, being a signed 64-bit type, can lead to unexpected behavior when clients send size values larger than the maximum allowed. This improper handling can result in silent value capping, potentially leading to data corruption in file size management.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NFSD: Fix NFSv3 SETATTR/CREATE\u0026#39;s handling of large file sizes",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-48829"
},
{
"category": "external",
"summary": "RHBZ#2298168",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298168"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-48829",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48829"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024071652-CVE-2022-48829-2145@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024071652-CVE-2022-48829-2145@gregkh/T"
}
],
"release_date": "2024-07-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-13T14:30:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5282"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: NFSD: Fix NFSv3 SETATTR/CREATE\u0026#39;s handling of large file sizes"
},
{
"cve": "CVE-2024-36005",
"discovery_date": "2024-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2281949"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: honor table dormant flag from netdev release event path\n\nCheck for table dormant flag otherwise netdev release event path tries\nto unregister an already unregistered hook.\n\n[524854.857999] ------------[ cut here ]------------\n[524854.858010] WARNING: CPU: 0 PID: 3386599 at net/netfilter/core.c:501 __nf_unregister_net_hook+0x21a/0x260\n[...]\n[524854.858848] CPU: 0 PID: 3386599 Comm: kworker/u32:2 Not tainted 6.9.0-rc3+ #365\n[524854.858869] Workqueue: netns cleanup_net\n[524854.858886] RIP: 0010:__nf_unregister_net_hook+0x21a/0x260\n[524854.858903] Code: 24 e8 aa 73 83 ff 48 63 43 1c 83 f8 01 0f 85 3d ff ff ff e8 98 d1 f0 ff 48 8b 3c 24 e8 8f 73 83 ff 48 63 43 1c e9 26 ff ff ff \u003c0f\u003e 0b 48 83 c4 18 48 c7 c7 00 68 e9 82 5b 5d 41 5c 41 5d 41 5e 41\n[524854.858914] RSP: 0018:ffff8881e36d79e0 EFLAGS: 00010246\n[524854.858926] RAX: 0000000000000000 RBX: ffff8881339ae790 RCX: ffffffff81ba524a\n[524854.858936] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881c8a16438\n[524854.858945] RBP: ffff8881c8a16438 R08: 0000000000000001 R09: ffffed103c6daf34\n[524854.858954] R10: ffff8881e36d79a7 R11: 0000000000000000 R12: 0000000000000005\n[524854.858962] R13: ffff8881c8a16000 R14: 0000000000000000 R15: ffff8881351b5a00\n[524854.858971] FS: 0000000000000000(0000) GS:ffff888390800000(0000) knlGS:0000000000000000\n[524854.858982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[524854.858991] CR2: 00007fc9be0f16f4 CR3: 00000001437cc004 CR4: 00000000001706f0\n[524854.859000] Call Trace:\n[524854.859006] \u003cTASK\u003e\n[524854.859013] ? __warn+0x9f/0x1a0\n[524854.859027] ? __nf_unregister_net_hook+0x21a/0x260\n[524854.859044] ? report_bug+0x1b1/0x1e0\n[524854.859060] ? handle_bug+0x3c/0x70\n[524854.859071] ? exc_invalid_op+0x17/0x40\n[524854.859083] ? asm_exc_invalid_op+0x1a/0x20\n[524854.859100] ? __nf_unregister_net_hook+0x6a/0x260\n[524854.859116] ? __nf_unregister_net_hook+0x21a/0x260\n[524854.859135] nf_tables_netdev_event+0x337/0x390 [nf_tables]\n[524854.859304] ? __pfx_nf_tables_netdev_event+0x10/0x10 [nf_tables]\n[524854.859461] ? packet_notifier+0xb3/0x360\n[524854.859476] ? _raw_spin_unlock_irqrestore+0x11/0x40\n[524854.859489] ? dcbnl_netdevice_event+0x35/0x140\n[524854.859507] ? __pfx_nf_tables_netdev_event+0x10/0x10 [nf_tables]\n[524854.859661] notifier_call_chain+0x7d/0x140\n[524854.859677] unregister_netdevice_many_notify+0x5e1/0xae0",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-36005"
},
{
"category": "external",
"summary": "RHBZ#2281949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-36005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36005"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36005",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36005"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024052024-CVE-2024-36005-2336@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024052024-CVE-2024-36005-2336@gregkh/T"
}
],
"release_date": "2024-05-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-13T14:30:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5282"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path"
},
{
"cve": "CVE-2024-36971",
"discovery_date": "2024-06-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292331"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u0027s network route management. This flaw allows an attacker to alter the behavior of certain network connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: kernel: UAF in network route management",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Environments which use third-party KABI modules may experience kernel crashes after applying errata for CVE-2024-36971. Contact your module vendor about an update. Until these third party modules can be fixed, you can prevent crashes by disabling them. This problem stems from modules which use the `negative_advice()` function.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-36971"
},
{
"category": "external",
"summary": "RHBZ#2292331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292331"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-36971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36971",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36971"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T",
"url": "https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2024-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-13T14:30:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5282"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2024-08-07T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net: kernel: UAF in network route management"
},
{
"cve": "CVE-2024-39502",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2024-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2297474"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel\u0027s Ionic driver in the ionic_qcq_enable() function, where the issue arises when the driver fails to reset the .poll pointer to NULL after a queue is unregistered via netif_napi_del(), leading to a use-after-free scenario when attempting to enable a previously unregistered NAPI, which result in kernel crashes or invalid opcode errors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ionic: fix use after netif_napi_del()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39502"
},
{
"category": "external",
"summary": "RHBZ#2297474",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297474"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39502",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39502"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39502",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39502"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024071204-CVE-2024-39502-afe9@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024071204-CVE-2024-39502-afe9@gregkh/T"
}
],
"release_date": "2024-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-13T14:30:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5282"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"NFV-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"NFV-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.src",
"RT-8.4.0.Z.TUS:kernel-rt-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-core-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debug-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-devel-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-kvm-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64",
"RT-8.4.0.Z.TUS:kernel-rt-modules-extra-0:4.18.0-305.138.1.rt7.214.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ionic: fix use after netif_napi_del()"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…