rhsa-2024_10944
Vulnerability from csaf_redhat
Published
2024-12-11 16:18
Modified
2024-12-13 20:53
Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: selinux,smack: don't bypass permissions check in inode_setsecctx hook (CVE-2024-46695)
* kernel: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (CVE-2024-49949)
* kernel: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (CVE-2024-50082)
* kernel: arm64: probes: Remove broken LDR (literal) uprobe support (CVE-2024-50099)
* kernel: xfrm: fix one more kernel-infoleak in algo dumping (CVE-2024-50110)
* kernel: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (CVE-2024-50142)
* kernel: irqchip/gic-v4: Don't allow a VMOVP on a dying VPE (CVE-2024-50192)
* kernel: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (CVE-2024-50256)
* kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (CVE-2024-50264)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: selinux,smack: don\u0027t bypass permissions check in inode_setsecctx hook (CVE-2024-46695)\n\n* kernel: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (CVE-2024-49949)\n\n* kernel: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (CVE-2024-50082)\n\n* kernel: arm64: probes: Remove broken LDR (literal) uprobe support (CVE-2024-50099)\n\n* kernel: xfrm: fix one more kernel-infoleak in algo dumping (CVE-2024-50110)\n\n* kernel: xfrm: validate new SA\u0026#39;s prefixlen using SA family when sel.family is unset (CVE-2024-50142)\n\n* kernel: irqchip/gic-v4: Don\u0027t allow a VMOVP on a dying VPE (CVE-2024-50192)\n\n* kernel: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (CVE-2024-50256)\n\n* kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (CVE-2024-50264)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:10944", "url": "https://access.redhat.com/errata/RHSA-2024:10944" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2312083", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312083" }, { "category": "external", "summary": "2320505", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2320505" }, { "category": "external", "summary": "2322308", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322308" }, { "category": "external", "summary": "2323904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2323904" }, { "category": "external", "summary": "2323930", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2323930" }, { "category": "external", "summary": "2324315", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324315" }, { "category": "external", "summary": "2324612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324612" }, { "category": "external", "summary": "2324889", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324889" }, { "category": "external", "summary": "2327168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327168" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10944.json" } ], "title": "Red Hat Security Advisory: kernel-rt security update", "tracking": { "current_release_date": "2024-12-13T20:53:13+00:00", "generator": { "date": "2024-12-13T20:53:13+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:10944", "initial_release_date": "2024-12-11T16:18:59+00:00", "revision_history": [ { "date": "2024-12-11T16:18:59+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-12-11T16:18:59+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-13T20:53:13+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux NFV (v. 8)", "product": { "name": "Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux RT (v. 8)", "product": { "name": "Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::realtime" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "product": { "name": "kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "product_id": "kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.32.1.rt7.373.el8_10?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product": { "name": "kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_id": "kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.32.1.rt7.373.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product": { "name": "kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_id": "kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-553.32.1.rt7.373.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product": { "name": "kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_id": "kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-553.32.1.rt7.373.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product": { "name": "kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_id": "kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-553.32.1.rt7.373.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product": { "name": "kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_id": "kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-553.32.1.rt7.373.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product": { "name": "kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_id": "kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-553.32.1.rt7.373.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product": { "name": "kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_id": "kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-553.32.1.rt7.373.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_id": "kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-553.32.1.rt7.373.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product": { "name": "kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_id": "kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-553.32.1.rt7.373.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product": { "name": "kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_id": "kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-553.32.1.rt7.373.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product": { "name": "kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_id": "kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-553.32.1.rt7.373.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product": { "name": "kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_id": "kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-553.32.1.rt7.373.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-553.32.1.rt7.373.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product": { "name": "kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_id": "kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-553.32.1.rt7.373.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-553.32.1.rt7.373.el8_10?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src" }, "product_reference": "kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src" }, "product_reference": "kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-46695", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2024-09-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2312083" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux,smack: don\u0027t bypass permissions check in inode_setsecctx hook\n\nMarek Gresko reports that the root user on an NFS client is able to\nchange the security labels on files on an NFS filesystem that is\nexported with root squashing enabled.\n\nThe end of the kerneldoc comment for __vfs_setxattr_noperm() states:\n\n * This function requires the caller to lock the inode\u0027s i_mutex before it\n * is executed. It also assumes that the caller will make the appropriate\n * permission checks.\n\nnfsd_setattr() does do permissions checking via fh_verify() and\nnfsd_permission(), but those don\u0027t do all the same permissions checks\nthat are done by security_inode_setxattr() and its related LSM hooks do.\n\nSince nfsd_setattr() is the only consumer of security_inode_setsecctx(),\nsimplest solution appears to be to replace the call to\n__vfs_setxattr_noperm() with a call to __vfs_setxattr_locked(). This\nfixes the above issue and has the added benefit of causing nfsd to\nrecall conflicting delegations on a file when a client tries to change\nits security label.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: selinux,smack: don\u0027t bypass permissions check in inode_setsecctx hook", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-46695" }, { "category": "external", "summary": "RHBZ#2312083", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312083" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-46695", "url": "https://www.cve.org/CVERecord?id=CVE-2024-46695" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-46695", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46695" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024091340-CVE-2024-46695-affc@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024091340-CVE-2024-46695-affc@gregkh/T" } ], "release_date": "2024-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-12-11T16:18:59+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:10944" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: selinux,smack: don\u0027t bypass permissions check in inode_setsecctx hook" }, { "cve": "CVE-2024-49949", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-10-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2320505" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid potential underflow in qdisc_pkt_len_init() with UFO\n\nAfter commit 7c6d2ecbda83 (\"net: be more gentle about silly gso\nrequests coming from user\") virtio_net_hdr_to_skb() had sanity check\nto detect malicious attempts from user space to cook a bad GSO packet.\n\nThen commit cf9acc90c80ec (\"net: virtio_net_hdr_to_skb: count\ntransport header in UFO\") while fixing one issue, allowed user space\nto cook a GSO packet with the following characteristic :\n\nIPv4 SKB_GSO_UDP, gso_size=3, skb-\u003elen = 28.\n\nWhen this packet arrives in qdisc_pkt_len_init(), we end up\nwith hdr_len = 28 (IPv4 header + UDP header), matching skb-\u003elen\n\nThen the following sets gso_segs to 0 :\n\ngso_segs = DIV_ROUND_UP(skb-\u003elen - hdr_len,\n shinfo-\u003egso_size);\n\nThen later we set qdisc_skb_cb(skb)-\u003epkt_len to back to zero :/\n\nqdisc_skb_cb(skb)-\u003epkt_len += (gso_segs - 1) * hdr_len;\n\nThis leads to the following crash in fq_codel [1]\n\nqdisc_pkt_len_init() is best effort, we only want an estimation\nof the bytes sent on the wire, not crashing the kernel.\n\nThis patch is fixing this particular issue, a following one\nadds more sanity checks for another potential bug.\n\n[1]\n[ 70.724101] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 70.724561] #PF: supervisor read access in kernel mode\n[ 70.724561] #PF: error_code(0x0000) - not-present page\n[ 70.724561] PGD 10ac61067 P4D 10ac61067 PUD 107ee2067 PMD 0\n[ 70.724561] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 70.724561] CPU: 11 UID: 0 PID: 2163 Comm: b358537762 Not tainted 6.11.0-virtme #991\n[ 70.724561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 70.724561] RIP: 0010:fq_codel_enqueue (net/sched/sch_fq_codel.c:120 net/sched/sch_fq_codel.c:168 net/sched/sch_fq_codel.c:230) sch_fq_codel\n[ 70.724561] Code: 24 08 49 c1 e1 06 44 89 7c 24 18 45 31 ed 45 31 c0 31 ff 89 44 24 14 4c 03 8b 90 01 00 00 eb 04 39 ca 73 37 4d 8b 39 83 c7 01 \u003c49\u003e 8b 17 49 89 11 41 8b 57 28 45 8b 5f 34 49 c7 07 00 00 00 00 49\nAll code\n========\n 0:\t24 08 \tand $0x8,%al\n 2:\t49 c1 e1 06 \tshl $0x6,%r9\n 6:\t44 89 7c 24 18 \tmov %r15d,0x18(%rsp)\n b:\t45 31 ed \txor %r13d,%r13d\n e:\t45 31 c0 \txor %r8d,%r8d\n 11:\t31 ff \txor %edi,%edi\n 13:\t89 44 24 14 \tmov %eax,0x14(%rsp)\n 17:\t4c 03 8b 90 01 00 00 \tadd 0x190(%rbx),%r9\n 1e:\teb 04 \tjmp 0x24\n 20:\t39 ca \tcmp %ecx,%edx\n 22:\t73 37 \tjae 0x5b\n 24:\t4d 8b 39 \tmov (%r9),%r15\n 27:\t83 c7 01 \tadd $0x1,%edi\n 2a:*\t49 8b 17 \tmov (%r15),%rdx\t\t\u003c-- trapping instruction\n 2d:\t49 89 11 \tmov %rdx,(%r9)\n 30:\t41 8b 57 28 \tmov 0x28(%r15),%edx\n 34:\t45 8b 5f 34 \tmov 0x34(%r15),%r11d\n 38:\t49 c7 07 00 00 00 00 \tmovq $0x0,(%r15)\n 3f:\t49 \trex.WB\n\nCode starting with the faulting instruction\n===========================================\n 0:\t49 8b 17 \tmov (%r15),%rdx\n 3:\t49 89 11 \tmov %rdx,(%r9)\n 6:\t41 8b 57 28 \tmov 0x28(%r15),%edx\n a:\t45 8b 5f 34 \tmov 0x34(%r15),%r11d\n e:\t49 c7 07 00 00 00 00 \tmovq $0x0,(%r15)\n 15:\t49 \trex.WB\n[ 70.724561] RSP: 0018:ffff95ae85e6fb90 EFLAGS: 00000202\n[ 70.724561] RAX: 0000000002000000 RBX: ffff95ae841de000 RCX: 0000000000000000\n[ 70.724561] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001\n[ 70.724561] RBP: ffff95ae85e6fbf8 R08: 0000000000000000 R09: ffff95b710a30000\n[ 70.724561] R10: 0000000000000000 R11: bdf289445ce31881 R12: ffff95ae85e6fc58\n[ 70.724561] R13: 0000000000000000 R14: 0000000000000040 R15: 0000000000000000\n[ 70.724561] FS: 000000002c5c1380(0000) GS:ffff95bd7fcc0000(0000) knlGS:0000000000000000\n[ 70.724561] CS: 0010 DS: 0000 ES: 0000 C\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: avoid potential underflow in qdisc_pkt_len_init() with UFO", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-49949" }, { "category": "external", "summary": "RHBZ#2320505", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2320505" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-49949", "url": "https://www.cve.org/CVERecord?id=CVE-2024-49949" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-49949", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49949" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024102129-CVE-2024-49949-c792@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024102129-CVE-2024-49949-c792@gregkh/T" } ], "release_date": "2024-10-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-12-11T16:18:59+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:10944" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net: avoid potential underflow in qdisc_pkt_len_init() with UFO" }, { "cve": "CVE-2024-50082", "discovery_date": "2024-10-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2322308" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race\n\nWe\u0027re seeing crashes from rq_qos_wake_function that look like this:\n\n BUG: unable to handle page fault for address: ffffafe180a40084\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 100000067 P4D 100000067 PUD 10027c067 PMD 10115d067 PTE 0\n Oops: Oops: 0002 [#1] PREEMPT SMP PTI\n CPU: 17 UID: 0 PID: 0 Comm: swapper/17 Not tainted 6.12.0-rc3-00013-geca631b8fe80 #11\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n RIP: 0010:_raw_spin_lock_irqsave+0x1d/0x40\n Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 41 54 9c 41 5c fa 65 ff 05 62 97 30 4c 31 c0 ba 01 00 00 00 \u003cf0\u003e 0f b1 17 75 0a 4c 89 e0 41 5c c3 cc cc cc cc 89 c6 e8 2c 0b 00\n RSP: 0018:ffffafe180580ca0 EFLAGS: 00010046\n RAX: 0000000000000000 RBX: ffffafe180a3f7a8 RCX: 0000000000000011\n RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffffafe180a40084\n RBP: 0000000000000000 R08: 00000000001e7240 R09: 0000000000000011\n R10: 0000000000000028 R11: 0000000000000888 R12: 0000000000000002\n R13: ffffafe180a40084 R14: 0000000000000000 R15: 0000000000000003\n FS: 0000000000000000(0000) GS:ffff9aaf1f280000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffafe180a40084 CR3: 000000010e428002 CR4: 0000000000770ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n try_to_wake_up+0x5a/0x6a0\n rq_qos_wake_function+0x71/0x80\n __wake_up_common+0x75/0xa0\n __wake_up+0x36/0x60\n scale_up.part.0+0x50/0x110\n wb_timer_fn+0x227/0x450\n ...\n\nSo rq_qos_wake_function() calls wake_up_process(data-\u003etask), which calls\ntry_to_wake_up(), which faults in raw_spin_lock_irqsave(\u0026p-\u003epi_lock).\n\np comes from data-\u003etask, and data comes from the waitqueue entry, which\nis stored on the waiter\u0027s stack in rq_qos_wait(). Analyzing the core\ndump with drgn, I found that the waiter had already woken up and moved\non to a completely unrelated code path, clobbering what was previously\ndata-\u003etask. Meanwhile, the waker was passing the clobbered garbage in\ndata-\u003etask to wake_up_process(), leading to the crash.\n\nWhat\u0027s happening is that in between rq_qos_wake_function() deleting the\nwaitqueue entry and calling wake_up_process(), rq_qos_wait() is finding\nthat it already got a token and returning. The race looks like this:\n\nrq_qos_wait() rq_qos_wake_function()\n==============================================================\nprepare_to_wait_exclusive()\n data-\u003egot_token = true;\n list_del_init(\u0026curr-\u003eentry);\nif (data.got_token)\n break;\nfinish_wait(\u0026rqw-\u003ewait, \u0026data.wq);\n ^- returns immediately because\n list_empty_careful(\u0026wq_entry-\u003eentry)\n is true\n... return, go do something else ...\n wake_up_process(data-\u003etask)\n (NO LONGER VALID!)-^\n\nNormally, finish_wait() is supposed to synchronize against the waker.\nBut, as noted above, it is returning immediately because the waitqueue\nentry has already been removed from the waitqueue.\n\nThe bug is that rq_qos_wake_function() is accessing the waitqueue entry\nAFTER deleting it. Note that autoremove_wake_function() wakes the waiter\nand THEN deletes the waitqueue entry, which is the proper order.\n\nFix it by swapping the order. We also need to use\nlist_del_init_careful() to match the list_empty_careful() in\nfinish_wait().", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-50082" }, { "category": "external", "summary": "RHBZ#2322308", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322308" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-50082", "url": "https://www.cve.org/CVERecord?id=CVE-2024-50082" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-50082", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50082" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024102937-CVE-2024-50082-c5b1@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024102937-CVE-2024-50082-c5b1@gregkh/T" } ], "release_date": "2024-10-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-12-11T16:18:59+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:10944" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race" }, { "cve": "CVE-2024-50099", "discovery_date": "2024-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2323904" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: probes: Remove broken LDR (literal) uprobe support\n\nThe simulate_ldr_literal() and simulate_ldrsw_literal() functions are\nunsafe to use for uprobes. Both functions were originally written for\nuse with kprobes, and access memory with plain C accesses. When uprobes\nwas added, these were reused unmodified even though they cannot safely\naccess user memory.\n\nThere are three key problems:\n\n1) The plain C accesses do not have corresponding extable entries, and\n thus if they encounter a fault the kernel will treat these as\n unintentional accesses to user memory, resulting in a BUG() which\n will kill the kernel thread, and likely lead to further issues (e.g.\n lockup or panic()).\n\n2) The plain C accesses are subject to HW PAN and SW PAN, and so when\n either is in use, any attempt to simulate an access to user memory\n will fault. Thus neither simulate_ldr_literal() nor\n simulate_ldrsw_literal() can do anything useful when simulating a\n user instruction on any system with HW PAN or SW PAN.\n\n3) The plain C accesses are privileged, as they run in kernel context,\n and in practice can access a small range of kernel virtual addresses.\n The instructions they simulate have a range of +/-1MiB, and since the\n simulated instructions must itself be a user instructions in the\n TTBR0 address range, these can address the final 1MiB of the TTBR1\n acddress range by wrapping downwards from an address in the first\n 1MiB of the TTBR0 address range.\n\n In contemporary kernels the last 8MiB of TTBR1 address range is\n reserved, and accesses to this will always fault, meaning this is no\n worse than (1).\n\n Historically, it was theoretically possible for the linear map or\n vmemmap to spill into the final 8MiB of the TTBR1 address range, but\n in practice this is extremely unlikely to occur as this would\n require either:\n\n * Having enough physical memory to fill the entire linear map all the\n way to the final 1MiB of the TTBR1 address range.\n\n * Getting unlucky with KASLR randomization of the linear map such\n that the populated region happens to overlap with the last 1MiB of\n the TTBR address range.\n\n ... and in either case if we were to spill into the final page there\n would be larger problems as the final page would alias with error\n pointers.\n\nPractically speaking, (1) and (2) are the big issues. Given there have\nbeen no reports of problems since the broken code was introduced, it\nappears that no-one is relying on probing these instructions with\nuprobes.\n\nAvoid these issues by not allowing uprobes on LDR (literal) and LDRSW\n(literal), limiting the use of simulate_ldr_literal() and\nsimulate_ldrsw_literal() to kprobes. Attempts to place uprobes on LDR\n(literal) and LDRSW (literal) will be rejected as\narm_probe_decode_insn() will return INSN_REJECTED. In future we can\nconsider introducing working uprobes support for these instructions, but\nthis will require more significant work.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: arm64: probes: Remove broken LDR (literal) uprobe support", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-50099" }, { "category": "external", "summary": "RHBZ#2323904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2323904" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-50099", "url": "https://www.cve.org/CVERecord?id=CVE-2024-50099" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-50099", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50099" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024110526-CVE-2024-50099-1758@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024110526-CVE-2024-50099-1758@gregkh/T" } ], "release_date": "2024-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-12-11T16:18:59+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:10944" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: arm64: probes: Remove broken LDR (literal) uprobe support" }, { "cve": "CVE-2024-50110", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "discovery_date": "2024-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2323930" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the `xfrm` module in the Linux Kernel. This issue was discovered during fuzz testing, where uninitialized memory containing potentially sensitive data was inadvertently copied to user-space. This issue occurs when dumping IPsec algorithm data structures, exposing random padding from the structures. This issue could lead to information leaks if uninitialized memory is accessed by user-space applications.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: xfrm: fix one more kernel-infoleak in algo dumping", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is considered moderate severity. While it involves the leakage of uninitialized kernel memory, it requires specific conditions to be exploited. The information leaked consists of random padding within data structures, which is less likely to contain critical information compared to more sensitive kernel data, such as encryption keys or user credentials.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-50110" }, { "category": "external", "summary": "RHBZ#2323930", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2323930" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-50110", "url": "https://www.cve.org/CVERecord?id=CVE-2024-50110" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-50110", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50110" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024110554-CVE-2024-50110-b4aa@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024110554-CVE-2024-50110-b4aa@gregkh/T" } ], "release_date": "2024-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-12-11T16:18:59+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:10944" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: xfrm: fix one more kernel-infoleak in algo dumping" }, { "cve": "CVE-2024-50142", "discovery_date": "2024-11-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2324315" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: validate new SA\u0027s prefixlen using SA family when sel.family is unset\n\nThis expands the validation introduced in commit 07bf7908950a (\"xfrm:\nValidate address prefix lengths in the xfrm selector.\")\n\nsyzbot created an SA with\n usersa.sel.family = AF_UNSPEC\n usersa.sel.prefixlen_s = 128\n usersa.family = AF_INET\n\nBecause of the AF_UNSPEC selector, verify_newsa_info doesn\u0027t put\nlimits on prefixlen_{s,d}. But then copy_from_user_state sets\nx-\u003esel.family to usersa.family (AF_INET). Do the same conversion in\nverify_newsa_info before validating prefixlen_{s,d}, since that\u0027s how\nprefixlen is going to be used later on.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: xfrm: validate new SA\u0026#39;s prefixlen using SA family when sel.family is unset", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-50142" }, { "category": "external", "summary": "RHBZ#2324315", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324315" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-50142", "url": "https://www.cve.org/CVERecord?id=CVE-2024-50142" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-50142", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50142" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024110743-CVE-2024-50142-e0dc@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024110743-CVE-2024-50142-e0dc@gregkh/T" } ], "release_date": "2024-11-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-12-11T16:18:59+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:10944" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: xfrm: validate new SA\u0026#39;s prefixlen using SA family when sel.family is unset" }, { "cve": "CVE-2024-50192", "discovery_date": "2024-11-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2324612" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v4: Don\u0027t allow a VMOVP on a dying VPE\n\nKunkun Jiang reported that there is a small window of opportunity for\nuserspace to force a change of affinity for a VPE while the VPE has already\nbeen unmapped, but the corresponding doorbell interrupt still visible in\n/proc/irq/.\n\nPlug the race by checking the value of vmapp_count, which tracks whether\nthe VPE is mapped ot not, and returning an error in this case.\n\nThis involves making vmapp_count common to both GICv4.1 and its v4.0\nancestor.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: irqchip/gic-v4: Don\u0027t allow a VMOVP on a dying VPE", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-50192" }, { "category": "external", "summary": "RHBZ#2324612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-50192", "url": "https://www.cve.org/CVERecord?id=CVE-2024-50192" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-50192", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50192" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/security/vulns.git/tree/cve/published/2024/.CVE-2024-50192mbox", "url": "https://git.kernel.org/pub/scm/linux/security/vulns.git/tree/cve/published/2024/.CVE-2024-50192mbox" } ], "release_date": "2024-11-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-12-11T16:18:59+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:10944" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: irqchip/gic-v4: Don\u0027t allow a VMOVP on a dying VPE" }, { "cve": "CVE-2024-50256", "discovery_date": "2024-11-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2324889" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()\n\nI got a syzbot report without a repro [1] crashing in nf_send_reset6()\n\nI think the issue is that dev-\u003ehard_header_len is zero, and we attempt\nlater to push an Ethernet header.\n\nUse LL_MAX_HEADER, as other functions in net/ipv6/netfilter/nf_reject_ipv6.c.\n\n[1]\n\nskbuff: skb_under_panic: text:ffffffff89b1d008 len:74 put:14 head:ffff88803123aa00 data:ffff88803123a9f2 tail:0x3c end:0x140 dev:syz_tun\n kernel BUG at net/core/skbuff.c:206 !\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 0 UID: 0 PID: 7373 Comm: syz.1.568 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:skb_panic net/core/skbuff.c:206 [inline]\n RIP: 0010:skb_under_panic+0x14b/0x150 net/core/skbuff.c:216\nCode: 0d 8d 48 c7 c6 60 a6 29 8e 48 8b 54 24 08 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 41 54 41 57 41 56 e8 ba 30 38 02 48 83 c4 20 90 \u003c0f\u003e 0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3\nRSP: 0018:ffffc900045269b0 EFLAGS: 00010282\nRAX: 0000000000000088 RBX: dffffc0000000000 RCX: cd66dacdc5d8e800\nRDX: 0000000000000000 RSI: 0000000000000200 RDI: 0000000000000000\nRBP: ffff88802d39a3d0 R08: ffffffff8174afec R09: 1ffff920008a4ccc\nR10: dffffc0000000000 R11: fffff520008a4ccd R12: 0000000000000140\nR13: ffff88803123aa00 R14: ffff88803123a9f2 R15: 000000000000003c\nFS: 00007fdbee5ff6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000000 CR3: 000000005d322000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n skb_push+0xe5/0x100 net/core/skbuff.c:2636\n eth_header+0x38/0x1f0 net/ethernet/eth.c:83\n dev_hard_header include/linux/netdevice.h:3208 [inline]\n nf_send_reset6+0xce6/0x1270 net/ipv6/netfilter/nf_reject_ipv6.c:358\n nft_reject_inet_eval+0x3b9/0x690 net/netfilter/nft_reject_inet.c:48\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x4ad/0x1da0 net/netfilter/nf_tables_core.c:288\n nft_do_chain_inet+0x418/0x6b0 net/netfilter/nft_chain_filter.c:161\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK include/linux/netfilter.h:312 [inline]\n br_nf_pre_routing_ipv6+0x63e/0x770 net/bridge/br_netfilter_ipv6.c:184\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_bridge_pre net/bridge/br_input.c:277 [inline]\n br_handle_frame+0x9fd/0x1530 net/bridge/br_input.c:424\n __netif_receive_skb_core+0x13e8/0x4570 net/core/dev.c:5562\n __netif_receive_skb_one_core net/core/dev.c:5666 [inline]\n __netif_receive_skb+0x12f/0x650 net/core/dev.c:5781\n netif_receive_skb_internal net/core/dev.c:5867 [inline]\n netif_receive_skb+0x1e8/0x890 net/core/dev.c:5926\n tun_rx_batched+0x1b7/0x8f0 drivers/net/tun.c:1550\n tun_get_user+0x3056/0x47e0 drivers/net/tun.c:2007\n tun_chr_write_iter+0x10d/0x1f0 drivers/net/tun.c:2053\n new_sync_write fs/read_write.c:590 [inline]\n vfs_write+0xa6d/0xc90 fs/read_write.c:683\n ksys_write+0x183/0x2b0 fs/read_write.c:736\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fdbeeb7d1ff\nCode: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48\nRSP: 002b:00007fdbee5ff000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007fdbeed36058 RCX: 00007fdbeeb7d1ff\nRDX: 000000000000008e RSI: 0000000020000040 RDI: 00000000000000c8\nRBP: 00007fdbeebf12be R08: 0000000\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-50256" }, { "category": "external", "summary": "RHBZ#2324889", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324889" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-50256", "url": "https://www.cve.org/CVERecord?id=CVE-2024-50256" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-50256", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50256" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024110938-CVE-2024-50256-5b66@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024110938-CVE-2024-50256-5b66@gregkh/T" } ], "release_date": "2024-11-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-12-11T16:18:59+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:10944" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()" }, { "cve": "CVE-2024-50264", "discovery_date": "2024-11-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2327168" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-50264" }, { "category": "external", "summary": "RHBZ#2327168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327168" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-50264", "url": "https://www.cve.org/CVERecord?id=CVE-2024-50264" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-50264", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50264" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024111920-CVE-2024-50264-0889@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024111920-CVE-2024-50264-0889@gregkh/T" } ], "release_date": "2024-11-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-12-11T16:18:59+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:10944" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.32.1.rt7.373.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.