rhsa-2024_2950
Vulnerability from csaf_redhat
Published
2024-05-22 10:16
Modified
2024-12-12 09:52
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.10 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.10 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:2950", "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.10_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.10_release_notes/index" }, { "category": "external", "summary": "1731000", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731000" }, { "category": "external", "summary": "1746732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746732" }, { "category": "external", "summary": "1888726", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1888726" }, { "category": "external", "summary": "1999589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999589" }, { "category": "external", "summary": "2039178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039178" }, { "category": "external", "summary": "2043520", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043520" }, { "category": "external", "summary": "2044578", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044578" }, { "category": "external", "summary": "2150953", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150953" }, { "category": "external", "summary": "2151959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151959" }, { "category": "external", "summary": "2177759", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177759" }, { "category": "external", "summary": "2179892", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179892" }, { "category": "external", "summary": "2213132", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213132" }, { "category": "external", "summary": "2218332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218332" }, { "category": "external", "summary": "2219359", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219359" }, { "category": "external", "summary": "2221039", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221039" }, { "category": "external", "summary": "2221463", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221463" }, { "category": "external", "summary": "2221702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221702" }, { "category": "external", "summary": "2226777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226777" }, { "category": "external", "summary": "2226784", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226784" }, { "category": "external", "summary": "2226787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226787" }, { "category": "external", "summary": "2226788", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226788" }, { "category": "external", "summary": "2230042", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230042" }, { "category": "external", "summary": "2231410", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231410" }, { "category": "external", "summary": "2235306", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235306" }, { "category": "external", "summary": "2239845", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239845" }, { "category": "external", "summary": "2239847", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239847" }, { "category": "external", "summary": "2244720", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244720" }, { "category": "external", "summary": "2250043", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250043" }, { "category": "external", "summary": "2253632", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253632" }, { "category": "external", "summary": "2254961", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254961" }, { "category": "external", "summary": "2254982", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254982" }, { "category": "external", "summary": "2255283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255283" }, { "category": "external", "summary": "2256490", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256490" }, { "category": "external", "summary": "2256822", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256822" }, { "category": "external", "summary": "2257682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257682" }, { "category": "external", "summary": "2257979", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257979" }, { "category": "external", "summary": "2265285", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265285" }, { "category": "external", "summary": "2265653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265653" }, { "category": "external", "summary": "2267695", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267695" }, { "category": "external", "summary": "2267750", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267750" }, { "category": "external", "summary": "2267760", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267760" }, { "category": "external", "summary": "2267761", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267761" }, { "category": "external", "summary": "2269189", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269189" }, { "category": "external", "summary": "2269217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269217" }, { "category": "external", "summary": "2270836", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270836" }, { "category": "external", "summary": "2270883", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270883" }, { "category": "external", "summary": "2272811", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272811" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2950.json" } ], "title": "Red Hat Security Advisory: kernel-rt security and bug fix update", "tracking": { "current_release_date": "2024-12-12T09:52:51+00:00", "generator": { "date": "2024-12-12T09:52:51+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:2950", "initial_release_date": "2024-05-22T10:16:27+00:00", "revision_history": [ { "date": "2024-05-22T10:16:27+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-05-22T10:16:27+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T09:52:51+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux NFV (v. 8)", "product": { "name": "Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux RT (v. 8)", "product": { "name": "Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::realtime" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "product": { "name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "product_id": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.rt7.342.el8_10?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "product": { "name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_id": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.rt7.342.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "product": { "name": "kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_id": "kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-553.rt7.342.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "product": { "name": "kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_id": "kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-553.rt7.342.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "product": { "name": "kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_id": "kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-553.rt7.342.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "product": { "name": "kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_id": "kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-553.rt7.342.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "product": { "name": "kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_id": "kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-553.rt7.342.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "product": { "name": "kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_id": "kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-553.rt7.342.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "product": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_id": "kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-553.rt7.342.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "product": { "name": "kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_id": "kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-553.rt7.342.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "product": { "name": "kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_id": "kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-553.rt7.342.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "product": { "name": "kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_id": "kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-553.rt7.342.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "product": { "name": "kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_id": "kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-553.rt7.342.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-553.rt7.342.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "product": { "name": "kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_id": "kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-553.rt7.342.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-553.rt7.342.el8_10?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.src as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src" }, "product_reference": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.src as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src" }, "product_reference": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "relates_to_product_reference": "RT-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.GA" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-13631", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2019-07-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1731000" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s implementation of GTCO tablet/digitizer\u0027s version of the parse_hid_report_descriptor in drivers. An attacker with local access could use this flaw to create a specially crafted USB device inserted into the host to corrupt memory, trigger an out-of-bounds write during the generation of debugging messages, or possibly escalate the privileges of a process.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: OOB writes in parse_hid_report_descriptor in drivers/input/tablet/gtco.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13631" }, { "category": "external", "summary": "RHBZ#1731000", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731000" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13631", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13631" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13631", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13631" } ], "release_date": "2019-07-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "It is possible to prevent the kernel from loading the affected code by blacklisting the gtco kernel module. Visit https://access.redhat.com/solutions/41278 for specifics.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: OOB writes in parse_hid_report_descriptor in drivers/input/tablet/gtco.c" }, { "cve": "CVE-2019-15505", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2019-08-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1746732" } ], "notes": [ { "category": "description", "text": "An out-of-bounds read flaw was found in the DVB USB subsystem of the Linux kernel. There was no boundary check applied to the array in struct technisat_usb2_state state-\u003ebuf until the 0xff byte is encountered. If the byte is not encountered within the limit, an exposure of kernel data structure occurs. Data confidentiality and system availability are the highest threats with this vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out of bounds read in drivers/media/usb/dvb-usb/technisat-usb2.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-15505" }, { "category": "external", "summary": "RHBZ#1746732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746732" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-15505", "url": "https://www.cve.org/CVERecord?id=CVE-2019-15505" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15505", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15505" } ], "release_date": "2019-08-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is to skip loading the affected module technisat_usb2 onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278 \n~~~", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: out of bounds read in drivers/media/usb/dvb-usb/technisat-usb2.c" }, { "cve": "CVE-2020-25656", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2020-10-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1888726" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in read in vt_do_kdgkb_ioctl", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated as having Moderate impact because of the attack scenario limitation where only local user with access to VT console if at least CAP_SYS_TTY_CONFIG enabled can trigger this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-25656" }, { "category": "external", "summary": "RHBZ#1888726", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1888726" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-25656", "url": "https://www.cve.org/CVERecord?id=CVE-2020-25656" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25656", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25656" }, { "category": "external", "summary": "https://lkml.org/lkml/2020/10/16/84", "url": "https://lkml.org/lkml/2020/10/16/84" }, { "category": "external", "summary": "https://lkml.org/lkml/2020/10/29/528", "url": "https://lkml.org/lkml/2020/10/29/528" } ], "release_date": "2020-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: use-after-free in read in vt_do_kdgkb_ioctl" }, { "cve": "CVE-2021-3753", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2021-08-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1999589" } ], "notes": [ { "category": "description", "text": "A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: a race out-of-bound read in vt", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3753" }, { "category": "external", "summary": "RHBZ#1999589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999589" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3753", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3753" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3753", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3753" }, { "category": "external", "summary": "https://github.com/torvalds/linux/commit/2287a51ba822384834dafc1c798453375d1107c7", "url": "https://github.com/torvalds/linux/commit/2287a51ba822384834dafc1c798453375d1107c7" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/09/01/4", "url": "https://www.openwall.com/lists/oss-security/2021/09/01/4" } ], "release_date": "2021-09-01T11:30:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: a race out-of-bound read in vt" }, { "cve": "CVE-2021-4204", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2021-12-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2039178" } ], "notes": [ { "category": "description", "text": "An out-of-bounds (OOB) memory access flaw was found in the Linux kernel\u0027s eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: improper input validation may lead to privilege escalation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-4204" }, { "category": "external", "summary": "RHBZ#2039178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039178" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-4204", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4204" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4204", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4204" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2022/01/11/4", "url": "https://www.openwall.com/lists/oss-security/2022/01/11/4" } ], "release_date": "2022-01-11T12:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: improper input validation may lead to privilege escalation" }, { "cve": "CVE-2022-0500", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2044578" } ], "notes": [ { "category": "description", "text": "A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel\u2019s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-0500" }, { "category": "external", "summary": "RHBZ#2044578", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044578" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-0500", "url": "https://www.cve.org/CVERecord?id=CVE-2022-0500" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0500", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0500" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=20b2aff4bc15bda809f994761d5719827d66c0b4", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=20b2aff4bc15bda809f994761d5719827d66c0b4" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=216e3cd2f28dbbf1fe86848e0e29e6693b9f0a20", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=216e3cd2f28dbbf1fe86848e0e29e6693b9f0a20" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34d3a78c681e8e7844b43d1a2f4671a04249c821", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34d3a78c681e8e7844b43d1a2f4671a04249c821" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c4807322660d4290ac9062c034aed6b87243861", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c4807322660d4290ac9062c034aed6b87243861" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=48946bd6a5d695c50b34546864b79c1f910a33c1", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=48946bd6a5d695c50b34546864b79c1f910a33c1" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c25b2ae136039ffa820c26138ed4a5e5f3ab3841", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c25b2ae136039ffa820c26138ed4a5e5f3ab3841" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cf9f2f8d62eca810afbd1ee6cc0800202b000e57", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cf9f2f8d62eca810afbd1ee6cc0800202b000e57" } ], "release_date": "2022-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n```\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n```\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN (or CAP_BPF) capabilities.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges" }, { "cve": "CVE-2022-3565", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2022-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150953" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the Linux kernel\u2019s ISDN over IP tunnel functionality in how a local user triggers the release_card() function called from l1oip_cleanup(). This flaw allows a local user to crash or potentially escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in l1oip timer handlers", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3565" }, { "category": "external", "summary": "RHBZ#2150953", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150953" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3565", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3565" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3565", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3565" } ], "release_date": "2022-09-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "To mitigate this issue, prevent the l1oip module from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: use-after-free in l1oip timer handlers" }, { "acknowledgments": [ { "names": [ "tr3e" ], "organization": "SecCoder Security Lab" } ], "cve": "CVE-2022-23222", "cwe": { "id": "CWE-763", "name": "Release of Invalid Pointer or Reference" }, "discovery_date": "2022-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2043520" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s adjust_ptr_min_max_vals in the kernel/bpf/verifier.c function. In this flaw, a missing sanity check for *_OR_NULL pointer types that perform pointer arithmetic may cause a kernel information leak issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: local privileges escalation in kernel/bpf/verifier.c", "title": "Vulnerability summary" }, { "category": "other", "text": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. \n\nThis would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23222" }, { "category": "external", "summary": "RHBZ#2043520", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043520" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23222", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23222" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23222", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23222" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2022/01/13/1", "url": "https://www.openwall.com/lists/oss-security/2022/01/13/1" } ], "release_date": "2022-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: local privileges escalation in kernel/bpf/verifier.c" }, { "cve": "CVE-2022-45934", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2022-11-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2151959" } ], "notes": [ { "category": "description", "text": "An integer overflow flaw was found in the Linux kernel\u2019s L2CAP bluetooth functionality in how a user generates malicious L2CAP_CONF_REQ packets. This flaw allows a local or bluetooth connection user to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated Moderate based on the known scenarios of attack that cause a denial of service.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-45934" }, { "category": "external", "summary": "RHBZ#2151959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151959" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-45934", "url": "https://www.cve.org/CVERecord?id=CVE-2022-45934" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45934", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45934" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=ae4569813a6e931258db627cdfe50dfb4f917d5d", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=ae4569813a6e931258db627cdfe50dfb4f917d5d" } ], "release_date": "2022-11-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the customer portal at https://access.redhat.com/solutions/2682931.\n\nAlternatively, bluetooth can be disabled within the hardware or at the BIOS level, which will also provide effective mitigation as the kernel will not detect Bluetooth hardware on the system.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c" }, { "acknowledgments": [ { "names": [ "Xingyuan Mo" ], "organization": "IceSword Lab" } ], "cve": "CVE-2023-1513", "cwe": { "id": "CWE-665", "name": "Improper Initialization" }, "discovery_date": "2023-02-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2179892" } ], "notes": [ { "category": "description", "text": "A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: KVM: information leak in KVM_GET_DEBUGREGS ioctl on 32-bit systems", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 6 is not affected by this issue as KVM did not include the `KVM_GET_DEBUGREGS` ioctl.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-1513" }, { "category": "external", "summary": "RHBZ#2179892", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179892" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-1513", "url": "https://www.cve.org/CVERecord?id=CVE-2023-1513" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1513", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1513" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: KVM: information leak in KVM_GET_DEBUGREGS ioctl on 32-bit systems" }, { "cve": "CVE-2023-3567", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2023-04-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2221463" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-3567" }, { "category": "external", "summary": "RHBZ#2221463", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221463" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-3567", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3567" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3567", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3567" }, { "category": "external", "summary": "https://www.spinics.net/lists/stable-commits/msg285184.html", "url": "https://www.spinics.net/lists/stable-commits/msg285184.html" } ], "release_date": "2023-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race" }, { "acknowledgments": [ { "names": [ "Duoming Zhou" ] } ], "cve": "CVE-2023-4133", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2023-07-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2221702" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: cxgb4: use-after-free in ch_flower_stats_cb()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-4133" }, { "category": "external", "summary": "RHBZ#2221702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221702" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-4133", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4133" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4133", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4133" } ], "release_date": "2023-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: cxgb4: use-after-free in ch_flower_stats_cb()" }, { "acknowledgments": [ { "names": [ "Bien Pham (https://sea.com)" ], "organization": "Team Orca of Sea Security Team" } ], "cve": "CVE-2023-4244", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2023-08-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2235306" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the Linux kernel\u2019s nftables sub-component due to a race problem between the set GC and transaction in the Linux Kernel. This flaw allows a local attacker to crash the system due to a missing call to `nft_set_elem_mark_busy`, causing double deactivation of the element and possibly leading to a kernel information leak problem.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Use-after-free in nft_verdict_dump due to a race between set GC and transaction", "title": "Vulnerability summary" }, { "category": "other", "text": "Exploiting this flaw will require CAP_NET_ADMIN access privilege in any user or network namespace.\n\nAnd,\n\nOn non-containerized deployments of Red Hat Enterprise Linux, you can disable user namespaces by setting user.max_user_namespaces to 0:\n\n$ echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n$ sysctl -p /etc/sysctl.d/userns.conf\n\nOn containerized deployments, such as Red Hat OpenShift Container Platform, do not use this mitigation as the functionality is needed to be enabled.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-4244" }, { "category": "external", "summary": "RHBZ#2235306", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235306" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-4244", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4244" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4244", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4244" }, { "category": "external", "summary": "https://lore.kernel.org/netdev/20230810070830.24064-1-pablo@netfilter.org/", "url": "https://lore.kernel.org/netdev/20230810070830.24064-1-pablo@netfilter.org/" }, { "category": "external", "summary": "https://lore.kernel.org/netdev/20230815223011.7019-1-fw@strlen.de/", "url": "https://lore.kernel.org/netdev/20230815223011.7019-1-fw@strlen.de/" } ], "release_date": "2023-08-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is to skip loading the affected module \"nftables\" onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Use-after-free in nft_verdict_dump due to a race between set GC and transaction" }, { "acknowledgments": [ { "names": [ "Alon Zahavi" ] } ], "cve": "CVE-2023-6121", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2023-11-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2250043" } ], "notes": [ { "category": "description", "text": "An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: NVMe: info leak due to out-of-bounds read in nvmet_ctrl_find_get", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6121" }, { "category": "external", "summary": "RHBZ#2250043", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250043" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6121", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6121" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6121", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6121" } ], "release_date": "2023-11-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "This flaw can be mitigated by explicitly setting the kernel parameter to restrict unprivileged users from using dmesg:\n```\nsudo sysctl -w kernel.dmesg_restrict=1\n```\nTo make it persistent between system reboots:\n```\necho \u0027kernel.dmesg_restrict=1\u0027 | sudo tee -a /etc/sysctl.conf\n```", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: NVMe: info leak due to out-of-bounds read in nvmet_ctrl_find_get" }, { "cve": "CVE-2023-6176", "discovery_date": "2023-07-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2219359" } ], "notes": [ { "category": "description", "text": "A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: local dos vulnerability in scatterwalk_copychunks", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6176" }, { "category": "external", "summary": "RHBZ#2219359", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219359" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6176", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6176" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6176", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6176" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cfaa80c91f6f99b9342b6557f0f0e1143e434066", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cfaa80c91f6f99b9342b6557f0f0e1143e434066" } ], "release_date": "2023-09-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: local dos vulnerability in scatterwalk_copychunks" }, { "acknowledgments": [ { "names": [ "Xingyuan Mo" ], "organization": "(IceSword Lab)" } ], "cve": "CVE-2023-6622", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2023-12-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2253632" } ], "notes": [ { "category": "description", "text": "A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: null pointer dereference vulnerability in nft_dynset_init()", "title": "Vulnerability summary" }, { "category": "other", "text": "To trigger the issue, it requires the ability to create user/net namespaces.\n\nOn non-containerized deployments of Red Hat Enterprise Linux 8, you can disable user namespaces by setting user.max_user_namespaces to 0:\n\n# echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf\n\nOn containerized deployments, such as Red Hat OpenShift Container Platform, do not use this mitigation, as the functionality is needed to be enabled.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6622" }, { "category": "external", "summary": "RHBZ#2253632", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253632" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6622", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6622" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6622", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6622" }, { "category": "external", "summary": "https://github.com/torvalds/linux/commit/3701cd390fd731ee7ae8b8006246c8db82c72bea", "url": "https://github.com/torvalds/linux/commit/3701cd390fd731ee7ae8b8006246c8db82c72bea" } ], "release_date": "2023-12-08T11:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is to skip loading the affected module \"netfilter\" onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: null pointer dereference vulnerability in nft_dynset_init()" }, { "acknowledgments": [ { "names": [ "ZhengHan Wang" ], "organization": "Hillstone Network" } ], "cve": "CVE-2023-6915", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2023-12-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2254982" } ], "notes": [ { "category": "description", "text": "A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Null Pointer Dereference vulnerability in ida_free in lib/idr.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6915" }, { "category": "external", "summary": "RHBZ#2254982", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254982" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6915", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6915" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6915", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6915" }, { "category": "external", "summary": "https://github.com/torvalds/linux/commit/af73483f4e8b6f5c68c9aa63257bdd929a9c194a", "url": "https://github.com/torvalds/linux/commit/af73483f4e8b6f5c68c9aa63257bdd929a9c194a" } ], "release_date": "2024-01-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Null Pointer Dereference vulnerability in ida_free in lib/idr.c" }, { "cve": "CVE-2023-6932", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2023-12-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2255283" } ], "notes": [ { "category": "description", "text": "A race condition has been discovered in the Linux kernel\u0027s Internet Group Management Protocol (IGMP) implementation. This vulnerability may enable an attacker to provoke an application crash or potentially escalate privileges locally. By exploiting the race condition, an adversary could disrupt the normal operation of affected systems, leading to service disruption or, in the worst case, unauthorized access to sensitive resources.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in IPv4 IGMP", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability poses a moderate severity risk due to its potential to trigger a use-after-free issue when processing IGMPv2 query packets under specific conditions. An attacker could exploit this flaw by continuously sending crafted IGMPv2 query packets to a vulnerable system, causing a reference count underflow in the multicast group list management. Subsequently, this could lead to a use-after-free scenario, potentially resulting in a denial-of-service condition or other adverse effects. While exploitation requires specific configurations and continuous packet transmission, the impact could be significant, warranting attention and remediation to prevent potential exploitation and system instability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6932" }, { "category": "external", "summary": "RHBZ#2255283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255283" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6932", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6932" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6932", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6932" } ], "release_date": "2023-12-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: use-after-free in IPv4 IGMP" }, { "cve": "CVE-2023-24023", "cwe": { "id": "CWE-300", "name": "Channel Accessible by Non-Endpoint" }, "discovery_date": "2023-12-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2254961" } ], "notes": [ { "category": "description", "text": "A flaw was found in Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4. This issue may allow certain man-in-the-middle attacks that force a short key length and might lead to discovery of the encryption key and live injection, aka BLUFFS.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Bluetooth Forward and Future Secrecy Attacks and Defenses", "title": "Vulnerability summary" }, { "category": "other", "text": "The vulnerability identified as CVE-2023-24023, dubbed \"Bluetooth Forward and Future Secrecy Attacks and Defenses (BLUFFS),\" is categorized as having moderate severity due to several factors. While it does allow for potential Man-in-The-Middle (MITM) attacks between paired Bluetooth BR/EDR devices, its impact is somewhat limited by certain conditions. Firstly, successful exploitation requires the attacker to be within wireless range of the vulnerable devices during the encryption procedure initiation. Additionally, the attacker\u0027s ability to force a reduction in encryption key length may not guarantee real-time brute-forcing of the key, particularly if it exceeds 7 octets.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-24023" }, { "category": "external", "summary": "RHBZ#2254961", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254961" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-24023", "url": "https://www.cve.org/CVERecord?id=CVE-2023-24023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24023" }, { "category": "external", "summary": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/bluffs-vulnerability/", "url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/bluffs-vulnerability/" } ], "release_date": "2023-12-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Bluetooth Forward and Future Secrecy Attacks and Defenses" }, { "cve": "CVE-2023-25775", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2023-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2231410" } ], "notes": [ { "category": "description", "text": "An improper access control flaw was found in the Intel(R) Ethernet Controller RDMA driver in the Linux Kernel. This flaw allows an unauthenticated user to enable privilege escalation via network access.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: irdma: Improper access control", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-25775" }, { "category": "external", "summary": "RHBZ#2231410", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231410" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25775", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25775" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25775", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25775" }, { "category": "external", "summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00794.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00794.html" } ], "release_date": "2023-08-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: irdma: Improper access control" }, { "cve": "CVE-2023-28464", "cwe": { "id": "CWE-415", "name": "Double Free" }, "discovery_date": "2023-03-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2177759" } ], "notes": [ { "category": "description", "text": "A double-free vulnerability was found in the hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux Kernel. This issue may cause a denial of service or privilege escalation.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: double free in hci_conn_cleanup of the bluetooth subsystem", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28464" }, { "category": "external", "summary": "RHBZ#2177759", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177759" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28464", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28464" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28464", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28464" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2023/03/28/2", "url": "https://www.openwall.com/lists/oss-security/2023/03/28/2" } ], "release_date": "2023-03-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Kernel: double free in hci_conn_cleanup of the bluetooth subsystem" }, { "cve": "CVE-2023-31083", "discovery_date": "2023-06-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2213132" } ], "notes": [ { "category": "description", "text": "A NULL pointer dereference flaw was found in the Linux kernel\u2019s Bluetooth HCI UART driver. This flaw allows a local user to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: race condition between HCIUARTSETPROTO and HCIUARTGETPROTO in hci_uart_tty_ioctl", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-31083" }, { "category": "external", "summary": "RHBZ#2213132", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213132" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-31083", "url": "https://www.cve.org/CVERecord?id=CVE-2023-31083" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-31083", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31083" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/bluetooth/hci_ldisc.c?h=v6.6-rc7\u0026id=9c33663af9ad115f90c076a1828129a3fbadea98", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/bluetooth/hci_ldisc.c?h=v6.6-rc7\u0026id=9c33663af9ad115f90c076a1828129a3fbadea98" } ], "release_date": "2023-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "To mitigate this issue, prevent module hci_uart from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: race condition between HCIUARTSETPROTO and HCIUARTGETPROTO in hci_uart_tty_ioctl" }, { "cve": "CVE-2023-37453", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2023-07-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2221039" } ], "notes": [ { "category": "description", "text": "An out-of-bounds read issue was found in the USB subsystem in the Linux kernel. This flaw allows a malicious user to crash the system, resulting in a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: usb: out-of-bounds read in read_descriptors", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux minor releases prior to 8.9.0 and 9.3.0 are not affected by this CVE as they did not include the upstream commit that introduced this flaw: https://github.com/torvalds/linux/commit/45bf39f8df7f.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-37453" }, { "category": "external", "summary": "RHBZ#2221039", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221039" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-37453", "url": "https://www.cve.org/CVERecord?id=CVE-2023-37453" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-37453", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37453" } ], "release_date": "2023-06-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: usb: out-of-bounds read in read_descriptors" }, { "cve": "CVE-2023-38409", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "discovery_date": "2023-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2230042" } ], "notes": [ { "category": "description", "text": "A memory corruption flaw was found in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Framebuffer Console in the Linux kernel. This flaw allows a local attacker to crash the system, leading to a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-38409" }, { "category": "external", "summary": "RHBZ#2230042", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230042" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-38409", "url": "https://www.cve.org/CVERecord?id=CVE-2023-38409" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38409", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38409" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fffb0b52d5258554c645c966c6cbef7de50b851d", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=fffb0b52d5258554c645c966c6cbef7de50b851d" } ], "release_date": "2023-04-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is to skip loading the affected module \"fbcon\" onto the system until we have a fix available. This can be done by a blacklist mechanism and will ensure the driver is not loaded at boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment" }, { "cve": "CVE-2023-39189", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2023-07-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2226777" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nftables out-of-bounds read in nf_osf_match_one()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-39189" }, { "category": "external", "summary": "RHBZ#2226777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226777" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39189", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39189" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39189", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39189" } ], "release_date": "2023-08-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "This flaw can be mitigated by preventing the affected Passive OS Fingerprinting match module (`xt_osf`) from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: nftables out-of-bounds read in nf_osf_match_one()" }, { "cve": "CVE-2023-39192", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2023-07-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2226784" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: xtables out-of-bounds read in u32_match_it()", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 9 is not affected by this flaw as the `xt_u32` driver is not built.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-39192" }, { "category": "external", "summary": "RHBZ#2226784", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226784" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39192", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39192" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39192", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39192" }, { "category": "external", "summary": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-18408/", "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-18408/" } ], "release_date": "2023-09-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "This flaw can be mitigated by preventing the affected `xt_u32` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: xtables out-of-bounds read in u32_match_it()" }, { "cve": "CVE-2023-39193", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2023-07-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2226787" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: xtables sctp out-of-bounds read in match_flags()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-39193" }, { "category": "external", "summary": "RHBZ#2226787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226787" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39193", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39193" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39193", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39193" }, { "category": "external", "summary": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-18866/", "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-18866/" } ], "release_date": "2023-09-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "This flaw can be mitigated by preventing the affected `xt_sctp` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: xtables sctp out-of-bounds read in match_flags()" }, { "cve": "CVE-2023-39194", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2023-07-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2226788" } ], "notes": [ { "category": "description", "text": "A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: xfrm: out-of-bounds read in __xfrm_state_filter_match()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-39194" }, { "category": "external", "summary": "RHBZ#2226788", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226788" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39194", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39194" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39194", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39194" }, { "category": "external", "summary": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-18111/", "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-18111/" } ], "release_date": "2023-09-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.2, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: xfrm: out-of-bounds read in __xfrm_state_filter_match()" }, { "cve": "CVE-2023-39198", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2023-06-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2218332" } ], "notes": [ { "category": "description", "text": "A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: QXL: race condition leading to use-after-free in qxl_mode_dumb_create()", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw has been rated as having a Moderate impact due to the restricted privileges (access to /dev/dri/card0) needed for the bug to be exploited.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-39198" }, { "category": "external", "summary": "RHBZ#2218332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218332" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39198", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39198" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39198", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39198" } ], "release_date": "2023-08-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: QXL: race condition leading to use-after-free in qxl_mode_dumb_create()" }, { "cve": "CVE-2023-42754", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2023-09-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239845" } ], "notes": [ { "category": "description", "text": "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ipv4: NULL pointer dereference in ipv4_send_dest_unreach()", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 6 and 7 are not affected by this CVE, as they did not include the upstream commit that introduced this flaw: https://github.com/torvalds/linux/commit/ed0de45.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-42754" }, { "category": "external", "summary": "RHBZ#2239845", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239845" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-42754", "url": "https://www.cve.org/CVERecord?id=CVE-2023-42754" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-42754", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42754" }, { "category": "external", "summary": "https://seclists.org/oss-sec/2023/q4/14", "url": "https://seclists.org/oss-sec/2023/q4/14" } ], "release_date": "2023-09-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ipv4: NULL pointer dereference in ipv4_send_dest_unreach()" }, { "cve": "CVE-2023-42755", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2023-09-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239847" } ], "notes": [ { "category": "description", "text": "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: rsvp: out-of-bounds read in rsvp_classify()", "title": "Vulnerability summary" }, { "category": "other", "text": "The rsvp classifier has been retired upstream (commit 265b4da \"net/sched: Retire rsvp classifier\"). Red Hat Enterprise Linux 9 is not affected by this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-42755" }, { "category": "external", "summary": "RHBZ#2239847", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239847" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-42755", "url": "https://www.cve.org/CVERecord?id=CVE-2023-42755" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-42755", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42755" }, { "category": "external", "summary": "https://seclists.org/oss-sec/2023/q3/229", "url": "https://seclists.org/oss-sec/2023/q3/229" } ], "release_date": "2023-09-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "This flaw can be mitigated by preventing the affected `cls_rsvp` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: rsvp: out-of-bounds read in rsvp_classify()" }, { "cve": "CVE-2023-45863", "discovery_date": "2022-10-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2244720" } ], "notes": [ { "category": "description", "text": "An out-of-bounds memory write flaw was found in the load/unload module in the Linux kernel\u0027s kobject functionality, potentially triggering a race condition in the kobject_get_path function. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: lib/kobject.c vulnerable to fill_kobj_path out-of-bounds write", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-45863" }, { "category": "external", "summary": "RHBZ#2244720", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244720" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-45863", "url": "https://www.cve.org/CVERecord?id=CVE-2023-45863" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45863", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45863" } ], "release_date": "2023-01-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: lib/kobject.c vulnerable to fill_kobj_path out-of-bounds write" }, { "cve": "CVE-2023-51779", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-01-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2256822" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the bt_sock_recvmsg() and bt_sock_ioctl() functions could lead to a use-after-free on a socket buffer (\"skb\"). This flaw allows a local user to cause a denial of service condition or potential code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw has been rated as having a Moderate impact because it is believed to be difficult to exploit and it is not clear whether or not it could be used to achieve local privilege escalation.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-51779" }, { "category": "external", "summary": "RHBZ#2256822", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256822" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51779", "url": "https://www.cve.org/CVERecord?id=CVE-2023-51779" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51779", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51779" }, { "category": "external", "summary": "https://github.com/torvalds/linux/commit/2e07e8348ea454615e268222ae3fc240421be768", "url": "https://github.com/torvalds/linux/commit/2e07e8348ea454615e268222ae3fc240421be768" } ], "release_date": "2023-12-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg" }, { "cve": "CVE-2023-51780", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-01-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2257682" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the Linux kernel\u0027s net/atm/ioctl.c (ATM networking technology driver): do_vcc_ioctl in net/atm/ioctl.c is vulnerable to use-after-free due to a race condition in vcc_recvmsg. This issue can allow an attacker to possibly gain unauthorized access, escalate privileges, or cause the system to crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in net/atm/ioctl.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is considered to be Moderate because there is no known way to trigger kernel panic, only read incorrect buffer size because it occurs in the SIOCINQ call that returns the number of unread bytes in the receive buffer.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-51780" }, { "category": "external", "summary": "RHBZ#2257682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257682" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51780", "url": "https://www.cve.org/CVERecord?id=CVE-2023-51780" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51780", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51780" }, { "category": "external", "summary": "https://github.com/torvalds/linux/commit/24e90b9e34f9e039f56b5f25f6e6eb92cdd8f4b3", "url": "https://github.com/torvalds/linux/commit/24e90b9e34f9e039f56b5f25f6e6eb92cdd8f4b3" } ], "release_date": "2024-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "To mitigate this issue, prevent module atm from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: use-after-free in net/atm/ioctl.c" }, { "cve": "CVE-2023-52340", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-01-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2257979" } ], "notes": [ { "category": "description", "text": "A flaw in the routing table size was found in the ICMPv6 handling of \"Packet Too Big\". The size of the routing table is regulated by periodic garbage collection. However, with \"Packet Too Big Messages\" it is possible to exceed the routing table size and garbage collector threshold. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ICMPv6 \u201cPacket Too Big\u201d packets force a DoS of the Linux kernel by forcing 100% CPU", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52340" }, { "category": "external", "summary": "RHBZ#2257979", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257979" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52340", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52340" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52340", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52340" }, { "category": "external", "summary": "https://alas.aws.amazon.com/cve/html/CVE-2023-52340.html", "url": "https://alas.aws.amazon.com/cve/html/CVE-2023-52340.html" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=af6d10345ca76670c1b7c37799f0d5576ccef277", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=af6d10345ca76670c1b7c37799f0d5576ccef277" } ], "release_date": "2024-01-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ICMPv6 \u201cPacket Too Big\u201d packets force a DoS of the Linux kernel by forcing 100% CPU" }, { "cve": "CVE-2023-52434", "discovery_date": "2024-02-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2265285" } ], "notes": [ { "category": "description", "text": "A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2_parse_contexts() function. Validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts().", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: smb: client: fix potential OOBs in smb2_parse_contexts()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52434" }, { "category": "external", "summary": "RHBZ#2265285", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265285" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52434", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52434" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52434", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52434" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=17a0f64cc02d4972e21c733d9f21d1c512963afa", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=17a0f64cc02d4972e21c733d9f21d1c512963afa" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=af1689a9b7701d9907dfc84d2a4b57c4bc907144", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=af1689a9b7701d9907dfc84d2a4b57c4bc907144" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022033-makeshift-flammable-cb72@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024022033-makeshift-flammable-cb72@gregkh/T/#u" } ], "release_date": "2024-02-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "To mitigate this issue, prevent module cifs from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: smb: client: fix potential OOBs in smb2_parse_contexts()" }, { "cve": "CVE-2023-52448", "discovery_date": "2024-02-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2265653" } ], "notes": [ { "category": "description", "text": "A NULL pointer dereference flaw was found in the Linux kernel when accessing the rgd-\u003erd_rgl in the gfs2_rgrp_dump() function. This issue may lead to a crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52448" }, { "category": "external", "summary": "RHBZ#2265653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265653" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52448", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52448" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52448", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52448" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022255-CVE-2023-52448-7bf2@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024022255-CVE-2023-52448-7bf2@gregkh/T/#u" } ], "release_date": "2024-02-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "No mitigation is currently available for this vulnerability. Make sure to perform the updates as they become available.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump" }, { "cve": "CVE-2023-52489", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2024-02-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2269189" } ], "notes": [ { "category": "description", "text": "A race condition was found on a PFN in the Linux Kernel, which can fall into the device memory region with the system memory configuration. Normal zone start and end PFNs contain the device memory PFNs as well, and the compaction triggered will try on the device memory PFNs and end up in NOP. This may lead to compromised Availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mm/sparsemem: fix race in accessing memory_section-\u003eusage", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52489" }, { "category": "external", "summary": "RHBZ#2269189", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269189" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52489", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52489" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52489", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52489" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-30-lee@kernel.org/T", "url": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-30-lee@kernel.org/T" } ], "release_date": "2024-02-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: mm/sparsemem: fix race in accessing memory_section-\u003eusage" }, { "cve": "CVE-2023-52574", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267750" } ], "notes": [ { "category": "description", "text": "A NULL pointer dereference flaw was found in drivers/net/team/team.c in the Linux kernel.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: team: NULL pointer dereference when team device type is changed", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52574" }, { "category": "external", "summary": "RHBZ#2267750", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267750" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52574", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52574" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52574", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52574" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024030256-CVE-2023-52574-a423@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024030256-CVE-2023-52574-a423@gregkh/T/#u" } ], "release_date": "2024-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: team: NULL pointer dereference when team device type is changed" }, { "cve": "CVE-2023-52580", "cwe": { "id": "CWE-131", "name": "Incorrect Calculation of Buffer Size" }, "discovery_date": "2024-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267760" } ], "notes": [ { "category": "description", "text": "A flaw was found in the ETH_P_1588 flow dissector in the Linux Kernel, which can lead to a kernel crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net/core: kernel crash in ETH_P_1588 flow dissector", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52580" }, { "category": "external", "summary": "RHBZ#2267760", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267760" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52580", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52580" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52580", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52580" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024030258-CVE-2023-52580-c37e@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024030258-CVE-2023-52580-c37e@gregkh/T/#u" } ], "release_date": "2024-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net/core: kernel crash in ETH_P_1588 flow dissector" }, { "cve": "CVE-2023-52581", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2024-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267761" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the Linux kernel\u2019s nftables sub-component due to a race problem between the set GC and transaction in the Linux Kernel. This flaw allows a local attacker to crash the system. This flaw is similar to the previous CVE-2023-4244 but for a different part of the source code.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_tables: memory leak when more than 255 elements expired", "title": "Vulnerability summary" }, { "category": "other", "text": "Exploiting this flaw will require CAP_NET_ADMIN access privilege in any user or network namespace.\n\nAlso, on non-containerized deployments of Red Hat Enterprise Linux, you can disable user namespaces by setting user.max_user_namespaces to 0:\n\n$ echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n$ sysctl -p /etc/sysctl.d/userns.conf\n\nOn containerized deployments, such as Red Hat OpenShift Container Platform, do not use this mitigation as the functionality is needed to be enabled.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52581" }, { "category": "external", "summary": "RHBZ#2267761", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267761" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52581", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52581" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52581", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52581" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024030258-CVE-2023-52581-2165@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024030258-CVE-2023-52581-2165@gregkh/T/#u" } ], "release_date": "2024-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is to skip loading the affected module \"nftables\" onto the system until we have an available fix. This can be done by a blacklist mechanism and will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: nf_tables: memory leak when more than 255 elements expired" }, { "cve": "CVE-2023-52597", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2024-03-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2268311" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: s390: fix setting of fpc register\n\nkvm_arch_vcpu_ioctl_set_fpu() allows to set the floating point control\n(fpc) register of a guest cpu. The new value is tested for validity by\ntemporarily loading it into the fpc register.\n\nThis may lead to corruption of the fpc register of the host process:\nif an interrupt happens while the value is temporarily loaded into the fpc\nregister, and within interrupt context floating point or vector registers\nare used, the current fp/vx registers are saved with save_fpu_regs()\nassuming they belong to user space and will be loaded into fp/vx registers\nwhen returning to user space.\n\ntest_fp_ctl() restores the original user space / host process fpc register\nvalue, however it will be discarded, when returning to user space.\n\nIn result the host process will incorrectly continue to run with the value\nthat was supposed to be used for a guest cpu.\n\nFix this by simply removing the test. There is another test right before\nthe SIE context is entered which will handles invalid values.\n\nThis results in a change of behaviour: invalid values will now be accepted\ninstead of that the ioctl fails with -EINVAL. This seems to be acceptable,\ngiven that this interface is most likely not used anymore, and this is in\naddition the same behaviour implemented with the memory mapped interface\n(replace invalid values with zero) - see sync_regs() in kvm-s390.c.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: KVM: s390: fix setting of fpc register", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52597" }, { "category": "external", "summary": "RHBZ#2268311", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268311" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52597", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52597" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52597", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52597" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024030646-CVE-2023-52597-2ed6@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024030646-CVE-2023-52597-2ed6@gregkh/T" } ], "release_date": "2024-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: KVM: s390: fix setting of fpc register" }, { "cve": "CVE-2023-52620", "cwe": { "id": "CWE-99", "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)" }, "discovery_date": "2024-03-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2270883" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in netfilter/nf_tables componets of Linux Kernel allows an userspace to set timeouts for anonymous sets, which are not intended to be used this way. This could lead to unexpected behaviour or security issues.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_tables: disallow timeout for anonymous sets", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52620" }, { "category": "external", "summary": "RHBZ#2270883", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270883" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52620", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52620" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52620", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52620" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024032147-CVE-2023-52620-11a9@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024032147-CVE-2023-52620-11a9@gregkh/T" } ], "release_date": "2024-03-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: nf_tables: disallow timeout for anonymous sets" }, { "cve": "CVE-2024-0841", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-01-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2256490" } ], "notes": [ { "category": "description", "text": "A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: hugetlbfs: Null pointer dereference in hugetlbfs_fill_super function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-0841" }, { "category": "external", "summary": "RHBZ#2256490", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256490" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-0841", "url": "https://www.cve.org/CVERecord?id=CVE-2024-0841" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-0841", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0841" } ], "release_date": "2024-01-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: hugetlbfs: Null pointer dereference in hugetlbfs_fill_super function" }, { "cve": "CVE-2024-25742", "discovery_date": "2024-03-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2270836" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the value stored in EAX while a SEV VM is running.", "title": "Vulnerability description" }, { "category": "summary", "text": "hw: amd: Instruction raise #VC exception at exit", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-25742" }, { "category": "external", "summary": "RHBZ#2270836", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270836" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-25742", "url": "https://www.cve.org/CVERecord?id=CVE-2024-25742" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25742", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25742" }, { "category": "external", "summary": "https://arxiv.org/html/2404.03526v1", "url": "https://arxiv.org/html/2404.03526v1" }, { "category": "external", "summary": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html", "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html" } ], "release_date": "2024-04-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "hw: amd: Instruction raise #VC exception at exit" }, { "cve": "CVE-2024-25743", "discovery_date": "2024-03-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2270836" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the value stored in EAX while a SEV VM is running.", "title": "Vulnerability description" }, { "category": "summary", "text": "hw: amd: Instruction raise #VC exception at exit", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-25743" }, { "category": "external", "summary": "RHBZ#2270836", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270836" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-25743", "url": "https://www.cve.org/CVERecord?id=CVE-2024-25743" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25743", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25743" }, { "category": "external", "summary": "https://arxiv.org/html/2404.03526v1", "url": "https://arxiv.org/html/2404.03526v1" }, { "category": "external", "summary": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html", "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html" } ], "release_date": "2024-04-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "hw: amd: Instruction raise #VC exception at exit" }, { "cve": "CVE-2024-26602", "discovery_date": "2024-02-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267695" } ], "notes": [ { "category": "description", "text": "A flaw was found in sys_membarrier in the Linux kernel in sched/membarrier in how a user calls it at too high of a frequency. This flaw allows a local user to saturate the machine.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26602" }, { "category": "external", "summary": "RHBZ#2267695", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267695" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26602", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26602" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26602", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26602" }, { "category": "external", "summary": "https://github.com/torvalds/linux/commit/944d5fe50f3f03daacfea16300e656a1691c4a23", "url": "https://github.com/torvalds/linux/commit/944d5fe50f3f03daacfea16300e656a1691c4a23" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022414-CVE-2024-26602-5e76@gregkh/", "url": "https://lore.kernel.org/linux-cve-announce/2024022414-CVE-2024-26602-5e76@gregkh/" } ], "release_date": "2024-02-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier" }, { "cve": "CVE-2024-26609", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-02-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2269217" } ], "notes": [ { "category": "description", "text": "[REJECTED CVE] An issue was identified in the Linux kernel\u0027s netfilter subsystem related to nf_tables. The issue occurs when a positive value, such as NF_ACCEPT, is provided in the upper 16 bits of NF_DROP verdict parameters, which are expected to contain valid errno values (e.g., -EPERM). This improper input handling could lead to memory corruption, potentially allowing attackers to exploit the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_tables: reject QUEUE/DROP verdict parameters", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE has been rejected upstream:- https://lore.kernel.org/linux-cve-announce/20240312135714.1522772-2-lee@kernel.org/", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26609" }, { "category": "external", "summary": "RHBZ#2269217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269217" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26609", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26609" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26609", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26609" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-41-lee@kernel.org/T", "url": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-41-lee@kernel.org/T" } ], "release_date": "2024-02-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: nf_tables: reject QUEUE/DROP verdict parameters" }, { "cve": "CVE-2024-26671", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2024-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2272811" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: fix IO hang from sbitmap wakeup race\n\nIn blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered\nwith the following blk_mq_get_driver_tag() in case of getting driver\ntag failure.\n\nThen in __sbitmap_queue_wake_up(), waitqueue_active() may not observe\nthe added waiter in blk_mq_mark_tag_wait() and wake up nothing, meantime\nblk_mq_mark_tag_wait() can\u0027t get driver tag successfully.\n\nThis issue can be reproduced by running the following test in loop, and\nfio hang can be observed in \u003c 30min when running it on my test VM\nin laptop.\n\n\tmodprobe -r scsi_debug\n\tmodprobe scsi_debug delay=0 dev_size_mb=4096 max_queue=1 host_max_queue=1 submit_queues=4\n\tdev=`ls -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*/block/* | head -1 | xargs basename`\n\tfio --filename=/dev/\"$dev\" --direct=1 --rw=randrw --bs=4k --iodepth=1 \\\n \t\t--runtime=100 --numjobs=40 --time_based --name=test \\\n \t--ioengine=libaio\n\nFix the issue by adding one explicit barrier in blk_mq_mark_tag_wait(), which\nis just fine in case of running out of tag.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: blk-mq: fix IO hang from sbitmap wakeup race", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is fixed in RHEL-9.4 and above (including RHEL 8.10)\n~~~\na7f97b4cae32 (in rhel-9.4, rhel-9.5) blk-mq: fix IO hang from sbitmap wakeup race \n098ab94a5112 (in rhel-8.10) blk-mq: fix IO hang from sbitmap wakeup race\n~~~\n\nPlease note that while RHEL-9 kernel-rt still appears as affected, it has been fixed in the same RHSA as RHEL-9 kernel. This is because from RHEL-9.3 onwards, the kernel and kernel-rt fixes are bundled together in a single errata.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26671" }, { "category": "external", "summary": "RHBZ#2272811", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272811" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26671", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26671" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26671", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26671" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040219-CVE-2024-26671-2543@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040219-CVE-2024-26671-2543@gregkh/T" } ], "release_date": "2024-04-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-05-22T10:16:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:2950" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "NFV-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "NFV-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.src", "RT-8.10.0.GA:kernel-rt-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-core-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-devel-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-kvm-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-0:4.18.0-553.rt7.342.el8_10.x86_64", "RT-8.10.0.GA:kernel-rt-modules-extra-0:4.18.0-553.rt7.342.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: blk-mq: fix IO hang from sbitmap wakeup race" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.